Description
PHP remote file inclusion vulnerability in movie_cls.php in Built2Go PHP Movie Review 2B and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path parameter.
Affected products
- built2go / movie_review1a – 1a
- built2go / movie_review2a – 2a
- built2go / movie_review2b – 2b