Описание
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-3981
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69929
- http://plugins.trac.wordpress.org/changeset/438959/allwebmenus-wordpress-menu-plugin/trunk/actions.php?old=408304&old_path=allwebmenus-wordpress-menu-plugin%2Ftrunk%2Factions.php
- http://secunia.com/advisories/46068
- http://www.exploit-db.com/exploits/17861
- http://www.securityfocus.com/bid/49685
Связанные уязвимости
nvd
больше 13 лет назад
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.