PHP remote file inclusion vulnerability in login.php.inc in awrate 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to search.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Awrate |
Awrate |
1.0 (including) |
1.0 (including) |
References