Description
Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php.
Affected products
References
- MISChttp://securityreason.com/securityalert/695
- VENDOR_ADVISORYhttp://secunia.com/advisories/19630
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/25762
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/1324
- MISChttp://www.securityfocus.com/bid/17447
- MISChttp://www.securityfocus.com/archive/1/430691/100/0/threaded