Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lussumo vanilla 1.1.8 |
||
lussumo vanilla 1.1.7 |
||
lussumo vanilla 1.1.2 |
||
lussumo vanilla 1.1.1 |
||
lussumo vanilla |
||
lussumo vanilla 1.1.9 |
||
lussumo vanilla 1.1.5 |
||
lussumo vanilla 1.1.4 |
||
lussumo vanilla 1.1.3 |
||
lussumo vanilla 0.9.2 |
||
lussumo vanilla 1.0.2 |
||
lussumo vanilla 1.0.1 |
||
lussumo vanilla 1.1.6 |
||
lussumo vanilla 1.1 |
||
lussumo vanilla 1.0.3 |