Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.
CPE | Name | Operator | Version |
---|---|---|---|
blogator-script | eq | 0.90 | |
blogator-script | eq | 0.93 | |
blogator-script | eq | 0.92 | |
blogator-script | le | 1.00 | |
blogator-script | eq | 0.95 | |
blogator-script | eq | 0.91 |