##############################################################

XMRS Multiple Vulnerabilities (ZeroDay at 25-07-2008)

Author: AzzCoder [azzcoder (at) hotmail (dot) com [email concealed]]

Product: http://www.xrms.org/

Product Type: CRM

Thanks: coresecurity.com

Remote File Inclusion

File: activities/workflow-activities.php

Variable: $include_directory

Required register_globals: Yes

XSS

Multiple Files

Variable: $msg

Quote limitations: Yes

Information Gathering

tests/info.php

phpinfo() call

##############################################################

# milw0rm.com [2008-07-25]