DesktopOnNet 3 Beta LFI

[Whitney Houston <i4m4l1v3b17ch3z () gmail com>]

Hello list

I want to report serious scary issue, I find this vulnerability that make
me fall off chair and giggle like silly slut.

Project: http://sourceforge.net/projects/don3/

<?php
require('system/switches.php');

if
(file_exists('applications/'.$_GET["app"].'.don3app/'.$_GET["app"].'.php')){
        $appfile = $_GET["app"];
        $app_path = "applications/".$appfile.".don3app/";
} else {
        $appfile = "frontpage";
        $app_path = "applications/frontpage.don3app/";
}

if (file_exists("library/$appfile.don3lib")){
        $topper_array = don3_read_don3lib($appfile.".don3lib");
        $title = $topper_array[0];
} else {
        $title = "ERROR T1";
}


$topper_includer = 'applications/'.$appfile.'.don3app/'.$appfile.'.php';

....

include ($topper_includer);


Obviously I keep this bug super secret for many month but now i release for
all, after my recent death.

xx