PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote malicious users to execute arbitrary PHP code via a URL in the xnova_root_path parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xnova xnova |
||
xnova xnova 0.8 |