PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the news_cfg[path] parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sh-news sh-news 0.93 |