1 results (0.010 seconds)

CVSS: 6.8EPSS: 18%CPEs: 1EXPL: 0

Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Bilder Uploader 1.3 permite a atacantes remotos ejecutar código PHP de su elección mediante un URL en el parámetro config[root_ordner] a (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, y posiblemente otras secuencias de comandos PHP. • http://osvdb.org/36443 http://osvdb.org/36444 http://osvdb.org/36445 http://osvdb.org/36446 http://osvdb.org/36447 http://osvdb.org/36448 http://secunia.com/advisories/26399 http://securityreason.com/securityalert/2993 http://www.securityfocus.com/archive/1/475954/100/0/threaded http://www.vupen.com/english/advisories/2007/2836 https://exchange.xforce.ibmcloud.com/vulnerabilities/35922 •