Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote malicious users to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
back-end back-end cms 0.4.5 |