vendor:
by:
GolD_M = [Mahmood_ali]
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Wikivi5 Remote File Inclusion Vulnerability
The vulnerability allows an attacker to include a remote file in the application's code, which can lead to arbitrary code execution.
Mitigation:
The vendor should update the application to properly sanitize user input and avoid using user-supplied input in file inclusion functions.