vendor:
Sinapis Gästebuch
by:
kezzap66345
7.5
CVSS
HIGH
Remote File Inclusion (RFI)
CWE
Product Name: Sinapis Gästebuch
Affected Version From: Sinapis 2.2
Affected Version To: Sinapis 2.2
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Sinapis 2.2 Gastebuch
The Sinapis 2.2 Gastebuch script is vulnerable to Remote File Inclusion (RFI) attack. The vulnerability allows an attacker to include a remote file hosted on a malicious server, which can lead to remote code execution or other malicious activities.
Mitigation:
The vulnerability can be mitigated by implementing proper input validation and sanitization techniques. It is recommended to update to the latest version of the script that includes security patches.