[VIM] True: XOOPS Module icontent v.1.0 Remote File Inclusion Exploit (Milw0rm 4022)

George A. Theall theall at tenablesecurity.com
Sat Jun 2 01:47:44 UTC 2007


The affected file starts basically with:

   include $spaw_root.'config/spaw_control.config.php';

so exploitation requires register_globals to be enabled.

In case anyone's curious, the issue is similar to the issue reported 
last year by Kapda:

   http://www.kapda.ir/advisory-331.html

That is, both phpwcms and Xoops' icontent module make use of a 
vulnerable instance of SPAW PHP WYSIWYG editor control.

George
-- 
theall at tenablesecurity.com
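
A review-time check for the pattern described in the post above, as an added example that is not part of the original message or of the SPAW, XOOPS or phpwcms code. It flags include/require statements whose leading variable is never assigned earlier in the same file, the condition under which register_globals lets a request parameter set the path. The function name, the sample PHP strings and the assign-before-include variant are assumptions made for illustration.

```python
import re

# include/require whose path expression starts with a variable, e.g.
#   include $spaw_root.'config/spaw_control.config.php';
INCLUDE_RE = re.compile(
    r"\b(?:include|require)(?:_once)?\b\s*\(?\s*\$([A-Za-z_]\w*)", re.I)

# Direct use of request data in an include is a separate finding that does
# not depend on register_globals, so superglobals are skipped here.
SUPERGLOBALS = {"GLOBALS", "_GET", "_POST", "_COOKIE", "_REQUEST",
                "_SERVER", "_FILES", "_ENV", "_SESSION"}


def uninitialised_includes(php_source):
    """Return (line_number, variable) for each include/require whose leading
    variable has no assignment earlier in the same file.

    Triage heuristic only: it ignores function scope, comments, and values
    set by another file that includes this one.
    """
    findings = []
    for m in INCLUDE_RE.finditer(php_source):
        name = m.group(1)
        if name in SUPERGLOBALS:
            continue
        # "$name =" counts as an assignment, "$name ==" does not.
        assigned = re.compile(r"\$" + re.escape(name) + r"\b\s*=(?!=)")
        if not assigned.search(php_source, 0, m.start()):
            line = php_source.count("\n", 0, m.start()) + 1
            findings.append((line, name))
    return findings


# Constructed samples. The first is modelled on the line quoted in the post.
VULNERABLE = """<?php
include $spaw_root.'config/spaw_control.config.php';
"""
# Assumed remediation for illustration (not the SPAW project's actual patch):
# the assignment overwrites any value register_globals injected.
ASSIGNED_FIRST = """<?php
$spaw_root = dirname(__FILE__).'/';
include $spaw_root.'config/spaw_control.config.php';
"""

if __name__ == "__main__":
    for label, src in (("vulnerable", VULNERABLE),
                       ("assigned first", ASSIGNED_FIRST)):
        print(label, uninitialised_includes(src))
```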
