Keller Web Admin 'action' Parameter Local File Include Vulnerability

Keller Web Admin 'action' Parameter Local File Include Vulnerability

Keller Web Admin is prone to a local file-include vulnerability.

An attacker can exploit this issue to include arbitrary local files and execute PHP code on the affected computer in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

Keller Web Admin 0.94 Pro is vulnerable; other versions may also be affected.