Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mailing_list_manager | Eternalmart | 1.32 (including) | 1.32 (including) |