vendor:
PhP Generic library & framework
by:
xoron
7.5
CVSS
HIGH
Remote File Include
File Inclusion
CWE
Product Name: PhP Generic library & framework
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Not specified
2007
PhP Generic library & framework (include_path) Remote File Include Exploit
This exploit targets a vulnerability in the PhP Generic library & framework where an attacker can include remote files using the 'include_path' parameter. By manipulating the 'include_path' parameter, an attacker can execute malicious code on the target system.
Mitigation:
To mitigate this vulnerability, it is recommended to validate user input and sanitize any input used in file inclusion functions. Additionally, restricting access to sensitive files and directories can help prevent remote file inclusion attacks.