Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote malicious users to execute arbitrary PHP code via a URL in the root_dir parameter to (1) init.php and (2) Ajax/editnews.php. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
softnews media group datalife engine 4.1 |
||
softnews media group datalife engine 5.5 |