Description
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.
Affected products
- activecampaign / knowledgebuilder2.0.1 – 2.0.1
- activecampaign / knowledgebuilder2.1.0 – 2.1.0
- activecampaign / knowledgebuilder2.1.4 – 2.1.4
- activecampaign / knowledgebuilder3.0.1 – 3.0.1