Nivisec.Admin.Topic.Action.Logging.Remote.File.Inclusion
Description
It indicates a possible exploit of a file inclusion vulnerability in Nivisec Admin Topic Action Logging module that may allow remote attackers to execute arbitrary PHP code via a URL in parameter phpbb_root_path.
Affected Products
phpBB phpBB 2.0.21
phpBB phpBB 2.0.20
phpBB phpBB 2.0.18
Nivisec Admin Topic Action Logging 0.95
Minerva Minerva 2.0.21
Minerva Minerva 2.0.19
Minerva Minerva 2.0.8
Impact
Compromise of affected system
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-09-26 | 13.458 |