CARE2X.Remote.File.Inclusion
Description
It indicates a possible exploit of a PHP remote file inclusion vulnerability in CARE2X.
This flaw is due to input validation errors in "include/inc_news_save.php" when processing the "root_path" parameter.
Affected Products
CARE2X version 2.2.2 and prior.
Impact
The execution of arbitrary PHP code on the system.
Recommended Actions
Currently we are not aware of any official supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |