PHP.pSlash.lvcIncludeDir.Code.Execution

description-logoDescription

It indicates a possible exploit of a Remote Arbitrary Code Execution Vulnerability in pSlash PHP script, that may allow remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. pSlash is freely available, open-source web portal software. It allows users to create their own websites based on a template.

affected-products-logoAffected Products

Derek Leung pSlash 0.70

Impact logoImpact

Compromise of the affected system.

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)