PHP.AWOL.Includedir.Code.Execution

description-logoDescription

It indicates a possible exploit of File Include Vulnerability in AWOL PHP script that may allow remote attackers to execute arbitrary code on the vulnerable system. It is possible to supply arbitrary data to the $include variable. This variable is used to specify a file containing PHP code that is to be executed. As a result, the affected script may be redirected to execute arbitrary code located on an external host, as specified by the attacker.

affected-products-logoAffected Products

topher1kenobe AWOL 2.1 and earlier versions.

Impact logoImpact

Compromise of the affected system.

recomended-action-logoRecommended Actions

Upgrade to topher1kenobe AWOL 2.1.1 or later version.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

1