info
discussion
exploit
solution
references
SugarCRM/SugarSales Remote File Include Vulnerability
An exploit is not required. An example demonstrating this vulnerability is provided:
http://www.example.com/index.php?module=Home&moduleDefaultFile[Home]=[file]
Privacy Statement
Copyright 2010, SecurityFocus
