Ajax.File.Browser.approot.Parameter.File.Inclusion
Description
This indicates a vulnerability in Ajax File Browser. This vulnerability is caused by the failure to validate the "approot" parameter in the "_includes/settings.inc.php" script. The vulnerability allows remote attackers to include malicious PHP scripts and execute arbitrary commands.
Affected Products
Ajax File Browser version 3 beta 2007-08-28 and prior.
Impact
System compromise, remote script execution.
Recommended Actions
Currently we are not aware of any official fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |