Security holes : XMB Magic Lantern forum & DevBB

Hi all : Product 1 : XMB Magic Lantern forum 1.6b final http://www.xmbforum.com http://www.aventure-media.co.uk Problems : - Reading of logs files - XSS - Path Disclosure - Access to users/admins accounts - Logs distortion Exploits : - /indexlog.log - /cplogfile.log - If indexlog not chmod 777 =...