PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 and 0.3.2.7 allows remote attackers to execute arbitrary PHP code via the CFG_PATH variable.
Software | From | Fixed in |
---|---|---|
laffer / laffer | 0.3.2.6 | 0.3.2.6.x |
laffer / laffer | 0.3.2.7 | 0.3.2.7.x |