vendor:
Olbookmarks
by:
ThE TiGeR
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: Olbookmarks
Affected Version From: Olbookmarks 0.7.4
Affected Version To: Olbookmarks 0.7.4
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Olbookmarks 0.7.4 multiple RFI (root)
The Olbookmarks 0.7.4 version is vulnerable to multiple Remote File Inclusion (RFI) attacks. An attacker can exploit these vulnerabilities by injecting malicious code via the 'root' parameter in various PHP files.
Mitigation:
Update to a patched version of Olbookmarks or apply appropriate security measures to prevent RFI attacks.