Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2) eshow.php, or (3) forgot.php in albinator 2.0.8 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the Config_rootdir parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
albinator albinator 2.0.8 |