Voodoo.Chat.File.Path.Parameter.Remote.File.Inclusion
Description
A PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.
Affected Products
Voc-Project Voodoo Chat 1.0RC1b
Impact
Execute arbitrary PHP code via a URL.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
http://vochat.com/.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-05-16 | 14.615 | Sig Added |