PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 1.3.0 through 1.4.1 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][classes] parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Otscms | Otscms | 1.3.3 | 1.3.3 |
Otscms | Otscms | 1.3.4 | 1.3.4 |
Otscms | Otscms | 1.3.0 | 1.3.0 |
Otscms | Otscms | 1.4.1 | 1.4.1 |