PHP remote file inclusion vulnerability in the GEDCOM configuration script for phpGedView 2.65.1 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains a malicious theme.php script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpgedview phpgedview 2.65.1 |
||
phpgedview phpgedview 2.61.1 |
||
phpgedview phpgedview 2.65 |
||
phpgedview phpgedview 2.60 |
||
phpgedview phpgedview 2.61 |
||
phpgedview phpgedview 2.52.3 |