Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote malicious users to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by source code inspection of CoreNews 2.0.1, which does not appear to use a "page" parameter or variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
corenews corenews 2.0.1 |