Jason Hines PHPWebLog 0.4/0.5 - Remote File Include Vulnerability

ID SSV:78860
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

                                                source: http://www.securityfocus.com/bid/12747/info

phpWebLog is prone to remote file include vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include_once()' function call.

An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.