vendor:
PHP Doc System
by:
Unknown
5.5
CVSS
MEDIUM
Local File Inclusion
98
CWE
Product Name: PHP Doc System
Affected Version From: 1.5.1 and prior versions
Affected Version To: Unknown
Patch Exists: NO
Related CWE: None provided
CPE: a:php_doc_system:php_doc_system:1.5.1
Platforms Tested: Unknown
Unknown
Local File Include Vulnerability in PHP Doc System
PHP Doc System is prone to a local file-include vulnerability. This is due to the application's failure to properly sanitize user-supplied input. This may facilitate the unauthorized viewing of files and unauthorized execution of local PHP code.
Mitigation:
To mitigate this vulnerability, it is recommended to properly sanitize user-supplied input and implement access controls to prevent unauthorized access to sensitive files.