newsPHP 216 Remote File Include Vulnerability

ID SSV:76841
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


A file include vulnerability has been reported in the nphpd.php module of newsPHP that may permit an attacker to include and execute malicious script code on a vulnerable host.

The issue is reported to exist in the LangFile variable of nphpd.php module of the software. Successful exploitation may lead to execution of arbitrary code on a vulnerable system by a remote attacker.[LangFile]=/evil/file