vendor:
Ad Manager Pro
by:
SecurityFocus
7,5
CVSS
HIGH
Local File-Include Vulnerability
98
CWE
Product Name: Ad Manager Pro
Affected Version From: 4.0
Affected Version To: 4.0
Patch Exists: YES
Related CWE: N/A
CPE: a:php_web_scripts:ad_manager_pro
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012
PHP Web Scripts Ad Manager Pro Local File-Include Vulnerability
PHP Web Scripts Ad Manager Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This may aid in further attacks.
Mitigation:
Input validation should be used to ensure that user-supplied input is properly sanitized.