PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php_advanced_transfer_manager | Bugada_andrea | 1.20 (including) | 1.20 (including) |
| Php_advanced_transfer_manager | Bugada_andrea | 1.21 (including) | 1.21 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111653168810937\u0026w=2
- http://secunia.com/advisories/15420
- http://securitytracker.com/id?1014008
- http://www.osvdb.org/16692
- http://marc.info/?l=bugtraq\u0026m=111653168810937\u0026w=2
- http://secunia.com/advisories/15420
- http://securitytracker.com/id?1014008
- http://www.osvdb.org/16692