Directory traversal vulnerability in global.php in 4images prior to 1.7.7, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the l parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
4homepages 4images 1.6 |
||
4homepages 4images 1.5 |
||
4homepages 4images 1.7 |
||
4homepages 4images 1.7.3 |
||
4homepages 4images 1.7.5 |
||
4homepages 4images 1.7.4 |
||
4homepages 4images 1.0 |
||
4homepages 4images |
||
4homepages 4images 1.7.1 |
||
4homepages 4images 1.7.2 |
||
4homepages 4images 1.6.1 |