:::::::::::::::::::::::::::::::::::::::::::::::::::....................... ::| \ | (_) | \ | | / ____| ::| \| |_ ___ ___ | \| | __ _ _ __ ___ ___ | | _ __ _____ __ ::| . ` | |/ __/ _ \ | . ` |/ _` | '_ ` _ \ / _ \ | | | '__/ _ \ \ /\ / / ::| |\ | | (_| __/ | |\ | (_| | | | | | | __/ | |____| | | __/\ V V / ::|_| \_|_|\___\___| |_| \_|\__,_|_| |_| |_|\___| \_____|_| \___| \_/\_/ :::::::::::::::::::::::::::::We got the nicest name in the security scene! ::::::::Info::. ::Script:Ossigeno-script ::Version:2.2_alpha3 ::Author:Neovision ::Homepage:http://sourceforge.net/projects/ossigeno :: :::::::::Details::. ::Type: File Inclusion ::Exploit: :: :: upload/common/footer.php contains : :: include("{$level}{$graphic_base}templates/{$header["template"]}_footer.php"); :: :: $level is undefined :. :: ::and if anybody needs some cheap xss to publish ->read that code xD ::plus it may even hold more rfi, we just took a quick look :: ::::::::::::::::::::::::::::::::. :::::::::::Additional_Information::. :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::. ::Contact: naxx@nicenamecrew.com ::Website: http://nicenamecrew.com :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.