PHP remote file inclusion vulnerability in include/editfunc.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
baumedia newswriter 1.42 |
||
baumedia newswriter 1.40 |
||
baumedia newswriter 1.41 |