vendor:
phpEventMan
by:
Cyber-Security
5.5
CVSS
MEDIUM
Remote File Inclusion
98
CWE
Product Name: phpEventMan
Affected Version From: 1.0.2
Affected Version To: 1.0.2
Patch Exists: NO
Related CWE:
CPE: a:phpeventman:phpeventman:1.0.2
Platforms Tested:
2007
phpEventMan v1.0.2 (level) Remote File Include Exploit
This exploit allows an attacker to include arbitrary files from remote servers.
Mitigation:
The vendor should sanitize user-supplied input to prevent remote file inclusion vulnerabilities.