vendor:
ArticleBeach
by:
Zeni Susanto a.k.a Bithedz
9
CVSS
CRITICAL
Remote File Inclusion
98
CWE
Product Name: ArticleBeach
Affected Version From: 2.0
Affected Version To: 2.0
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006
ArticleBeach Script <= 2.0 (page) Remote File Inclusion Vulnerability
Input passed to the "page" parameter in index.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources.
Mitigation:
Download fix from vendor URL
