blogsystem 1.4 >> local & remote = -rfi & lfi & -xss

[info@xxxxxxxxxx]

demo: blog23.com
by : hackerz.ir userz !
ADMIN/index.php include($category."/".$folder."_".$page.".php");
ADMIN/index.php include($category."/".$action.".php");
ADMIN/login.php include($lngTexts);
ADMIN/login.php include($lngConfig);
BO/index.php    include($category."/".$folder."_".$page.".php");
BO/index.php    include($category."/".$action.".php");
BO/login.php    include($lngTexts);
BO/login.php    include($lngConfig);
for example remote :
++++++++++++++++++++++++++
login to your user after that u can user exploit >
ADMIN/index.php include($category."/".$folder."_".$page.".php");
+++++++++++++++++++++++++
local file include & remote file include in admin panel
BO/login.php    include($lngTexts);
BO/login.php    include($lngConfig);