VULHUB ™

Comdev CSV Importer 3.1可能还有4.1的include.php中存在PHP远程文件包含漏洞(用在(1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1和 (12) Comdev eCommerce 3.1中)，远程攻击者可以通过path[docroot]参数中的URL执行任意PHP代码。

Comdev CSV Importer 3.1可能还有4.1的include.php中存在PHP远程文件包含漏洞(用在(1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1和 (12) Comdev eCommerce 3.1中)，远程攻击者可以通过path[docroot]参数中的URL执行任意PHP代码。