PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Easydynamicpages | Stoitsov | 2.0 (including) | 2.0 (including) |