PHPAuction.PHPAds_Path.File.Inclusion
Description
This indicates a possible attempt to exploit a PHP remote file inclusion vulnerability in "phpAdsNew/view.inc.php" in Albasoftware Phpauction with phpAdsNew 2.0.5. It may allow remote attackers to execute arbitrary PHP code via a URL in the "phpAds_path" parameter.
Affected Products
Albasoftware PHPAuction 2.1 and possibly later versions, with phpAdsNew 2.0.5.
Impact
System compromise: remote code execution.
Recommended Actions
Currently we are not aware of any vendor supplied patch or update for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |