Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php.
CPE | Name | Operator | Version |
---|---|---|---|
quantum_game_library | eq | 0.7.299 |