PHP.AWOL.Includedir.Code.Execution
Description
It indicates a possible exploit of File Include Vulnerability in AWOL PHP script that may allow remote attackers to execute arbitrary code on the vulnerable system. It is possible to supply arbitrary data to the $include variable. This variable is used to specify a file containing PHP code that is to be executed. As a result, the affected script may be redirected to execute arbitrary code located on an external host, as specified by the attacker.
Affected Products
topher1kenobe AWOL 2.1 and earlier versions.
Impact
Compromise of the affected system.
Recommended Actions
Upgrade to topher1kenobe AWOL 2.1.1 or later version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |