modsecurity.php 1.10 and previous versions, in phpWebSite 0.8.2 and previous versions, allows remote malicious users to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpwebsite phpwebsite 0.8.2 |