PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnova, possibly 0.8 sp1, allows remote malicious users to execute arbitrary PHP code via a URL in the ugamela_root_path parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xnova xnova 0.8 |