mt-phpincgi.php in Hajime Fujimoto mt-phpincgi prior to 2015-05-15 does not properly restrict URLs, which allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
h-fj mt-phpincgi - |