vendor:
Quantum Game Library
by:
RoMaNcYxHaCkEr
7.5
CVSS
HIGH
Multiple Remote File Include
98
CWE
Product Name: Quantum Game Library
Affected Version From: 0.7.2c
Affected Version To: 0.7.2c
Patch Exists: YES
Related CWE: N/A
CPE: a:quantum_star:quantum_game_library
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Quantum Game Library 0.7.2c Multiple Remote File Include
The vulnerability exists in the files server_request.php and smarty.inc.php in line 2 and 1 respectively. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to include a remote file containing arbitrary code, which can be executed on the vulnerable server.
Mitigation:
The vendor has released an update to address this vulnerability. Users are advised to update to the latest version of the software.