PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention “Ultimate Fun Board,” but this appears to be an error.
CPE | Name | Operator | Version |
---|---|---|---|
ultimate_fun_book | eq | 1.02 |