PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allows remote malicious users to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lan management system lan management system 1.5.4 |
||
lan management system lan management system 1.5.3 |