PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ocportal ocportal 1.0.3 |