PHP remote file inclusion vulnerability in includes/class_template.php in Quezza 1.0 and earlier, and possibly 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the quezza_root_path parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Quezza_bb | Quezza | * | 1.0 (including) |
Quezza_bb | Quezza | 1.1.0 (including) | 1.1.0 (including) |