PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and previous versions module for Xoops allows remote malicious users to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops xoops virii info module |