Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to (c) form_header.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
matteolucarelli pgmreloaded |
||
matteolucarelli pgmreloaded 0.7.1 |
||
matteolucarelli pgmreloaded 0.7 |
||
matteolucarelli pgmreloaded 0.8.2 |
||
matteolucarelli pgmreloaded 0.8.1 |
||
matteolucarelli pgmreloaded 0.5 |
||
matteolucarelli pgmreloaded 0.8 |
||
matteolucarelli pgmreloaded 0.7.3 |
||
matteolucarelli pgmreloaded 0.8.4 |
||
matteolucarelli pgmreloaded 0.8.3 |
||
matteolucarelli pgmreloaded 0.6.2 |
||
matteolucarelli pgmreloaded 0.6 |