BT.Sondage.Gestion.Sondage.PHP.Remote.File.Inclusion
Description
This indicates a file inclusion vulnerability in BT-Sondage 112. This issue is due to input validation errors in the "utilitaires/gestion_sondage.php" scripts when processing the "repertoire_visiteur" parameter. It allows remote attackers to execute arbitrary PHP code via a URL.
Affected Products
BT-Sondage 1.12
Impact
System compromise.
Recommended Actions
Currently we are not aware of any official supplied fix for issue.
http://www.touchon.net/annuaire-applications-php-BT-Sondage.php
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |