include.php in Shoutpro 1.0 might allow remote malicious users to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally reported as remote file inclusion, but CVE analysis suggests that this cannot be used for code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
shoutpro shoutpro 1.0 |