Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter (K-letter) 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the scdir parameter to (1) action.php, (2) subs.php, or (3) unsubs.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
k-letter k-letter 1.0 |