SSI.php in YaBB SE 1.5.2 allows remote malicious users to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yabb yabb 1.5.2 |