module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allows remote malicious users to execute arbitrary code within sections bounded by "<?php" and "?>", possibly due to a static code injection vulnerability involving admin/data_inc.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
salims softhouse jaf cms 4.0 |