RSS   Vulnerabilities for 'Indiscripts enthusiast'   RSS

2008-12-31
 
CVE-2008-5792

CWE-94
 

 
PHP remote file inclusion vulnerability in show_joined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue.

 


Copyright 2024, cxsecurity.com

 

Back to Top