Open.Conference.Systems.Fullpath.Remote.File.Inclusion
Description
It indicates a possible exploit of a remote file inclusion vulnerability in Open Conference Systems (OCS) that may allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter.
Affected Products
Open Conference Systems Open Conference Systems 1.1.3
Impact
System compromise.
Recommended Actions
The vendor has released 1.1.6 to addresses this issue.
http://pkp.sfu.ca/ocs/download/ocs-1.1.6.tar.gz
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |