PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote malicious users to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to image_resize/pages/index.inc.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redaxo redaxo 3.2 |
||
redaxo redaxo 3.0 |