Описание
** DISPUTED ** PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tc_config[rootdir] parameter to (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, and (5) banned.php. NOTE: his issue has been disputed by reliable third parties, who state that the variable is set before use in config.php.
** DISPUTED ** PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tc_config[rootdir] parameter to (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, and (5) banned.php. NOTE: his issue has been disputed by reliable third parties, who state that the variable is set before use in config.php.
EPSS
CVE ID
Связанные уязвимости
PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tc_config[rootdir] parameter to (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, and (5) banned.php. NOTE: his issue has been disputed by reliable third parties, who state that the variable is set before use in config.php
EPSS