index.php in PEGames uses the extract function to overwrite critical variables, which allows remote malicious users to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pegames pegames |