PHP remote file inclusion vulnerability in include/themes/themefunc.php in MyNews 4.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mynews | T-systems_solutions_for_research_gmbh | * | 4.2.2 (including) |