Fantastic News Archive.PHP Remote Code Execution Vulnerability

Fantastic News Archive.PHP Remote Code Execution Vulnerability

Fantastic News is prone to a code-execution vulnerability.

Presumably, an attacker can exploit this issue to execute arbitrary malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

Fantastic News version 2.1.2 and prior are vulnerable; other versions may also be affected.