vendor:
ClassWeb
by:
GolD_M = [Mahmood_ali]
7.5
CVSS
HIGH
Remote File Include
CWE
Product Name: ClassWeb
Affected Version From: 2.03 and earlier
Affected Version To: 02.03
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
ClassWeb <= 2.03 Remote File Include Vulnerabilities
The ClassWeb version 2.03 and earlier is vulnerable to remote file inclusion. An attacker can exploit this vulnerability to include a malicious file from a remote server, which can lead to remote code execution.
Mitigation:
Update to the latest version of ClassWeb or apply the patch provided by the vendor.