PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector than CVE-2008-4329.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openengine openengine 2.0 |