Remote Code Execution in Laffer 0.3.2.6 and 0.3.2.7 via PHP Remote File Inclusion in im.php
CVE-2005-2328 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 and 0.3.2.7 allows remote attackers to execute arbitrary PHP code via the CFG_PATH variable.
Learn more about our Web Application Penetration Testing UK.