vendor:
Messagerie Locale
by:
DaDIsS
N/A
CVSS
N/A
Remote File Inclusion
CWE
Product Name: Messagerie Locale
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2006
Messagerie Locale => (centre.php) $page Remote File Inclusion Exploit
The centre.php file in Messagerie Locale script allows remote attackers to include arbitrary files via a URL in the page parameter.
Mitigation:
The vulnerability is unpatched. To mitigate the risk, the developer should validate and sanitize user input before including files.