PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ins_file parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Mtcms |
Mtcms |
* |
2.0 |
References