2 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the filesave parameter...
CVE-2009-3188
The CVE-2009-3188 entry concerns phpSANE 0.5.0, where the save.php script’s file_save parameter allows remote file inclusion. The root cause is insufficient sanitization of user-supplied input used in including PHP code, enabling an attacker to execute arbitrary PHP on the server. Documented impa...