|
phPay Windows Installations Local File Include Vulnerability
phPay is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. The vulnerability resides in code that was intended to protect against file-include attacks. It was found that the protection routines may be bypassed on Windows installations. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. |
|
|
Privacy Statement |
