PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the subdir parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wowroster wowroster 1.5.1 |
||
wowroster wowroster 1.5 |