Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG[directories][userpanel_dir] parameter to userpanel.php or the (2) _LIB_DIR parameter to welcome.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lan management system lan management system |