PHP remote file inclusion vulnerability in openi-admin/base/fileloader.php in OPENi-CMS 1.0.1, and possibly earlier, allows remote malicious users to execute arbitrary PHP code via a URL in the config[openi_dir] parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openi-cms group openi-cms 1.0.1 |
||
openi-cms group openi-cms 1.0.1_beta1 |