xmb.php in XMB Forum 1.9.1 extracts and defines all provided variables, which allows remote malicious users to modify arbitrary server variables such as _SERVER[REMOTE_ADDR].
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xmb forum xmb 1.9.1 |