vendor:
Mazen's PHP Chat
by:
ThE TiGeR
7.5
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: Mazen's PHP Chat
Affected Version From: 3.0.0 Beta1
Affected Version To: 3.0.0 Beta1
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Mazen’s PHP Chat V3.0.0 Beta1 Remote file inclusion
The vulnerability allows an attacker to include a remote file on the victim's server, potentially leading to remote code execution.
Mitigation:
The vulnerability can be mitigated by validating and sanitizing user input, and by implementing proper file inclusion techniques.