iLister是一个非常强大和灵活的多语言分类广告脚本。 iLister功能强大，搜索引擎友好，是创建分类广告站点的最佳选择。iLister Listing存在一处本地文件包含漏洞，可能导致攻击者获取WebShell。

[+]info:
~~~~~~~~~
Name : iLister listing script LFi Vulnerability
vendor URL :http://www.worksforweb.com/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
Description:
iLister listing script is an extremely powerful and flexible multi-language classifieds software. iLister listing script is your best choice in creating a SEO-friendly classifieds ads website for your visitors to sell anything, from cars to houses, to watches, to pets, to software scripts, or to works of art. If you need a powerful business directory script, iLister is the best choice to build a popular business directory.

[+]poc:
~~~~~~~~~
Xploit : LFi Vulnerability
http://server/search_results/?action=[LFI]

[+]Reference:
~~~~~~~~~
http://www.exploit-db.com/exploits/14202