Description
PHP remote file inclusion vulnerability in cron.php in phpMyDirectory 10.4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.
Affected products
- accomplishtechnology / phpmydirectory10.4.4
- accomplishtechnology / phpmydirectory1.0 – 1.0
- accomplishtechnology / phpmydirectory1.0.1 – 1.0.1
- accomplishtechnology / phpmydirectory1.0.2 – 1.0.2
- accomplishtechnology / phpmydirectory1.0.3 – 1.0.3
- accomplishtechnology / phpmydirectory1.0.4 – 1.0.4
- accomplishtechnology / phpmydirectory1.0.5 – 1.0.5
- accomplishtechnology / phpmydirectory1.0.6 – 1.0.6
- accomplishtechnology / phpmydirectory1.0.7 – 1.0.7
- accomplishtechnology / phpmydirectory1.0.8 – 1.0.8
- accomplishtechnology / phpmydirectory1.0.9 – 1.0.9
- accomplishtechnology / phpmydirectory1.1.0 – 1.1.0
- accomplishtechnology / phpmydirectory1.1.1 – 1.1.1
- accomplishtechnology / phpmydirectory1.1.2 – 1.1.2
- accomplishtechnology / phpmydirectory1.1.3 – 1.1.3
- accomplishtechnology / phpmydirectory1.1.4 – 1.1.4
- accomplishtechnology / phpmydirectory1.1.5 – 1.1.5
- accomplishtechnology / phpmydirectory1.1.6 – 1.1.6
- accomplishtechnology / phpmydirectory1.1.7 – 1.1.7
- accomplishtechnology / phpmydirectory1.1.8 – 1.1.8
- accomplishtechnology / phpmydirectory1.1.9 – 1.1.9
- accomplishtechnology / phpmydirectory1.2.0 – 1.2.0
- accomplishtechnology / phpmydirectory1.2.0 – 1.2.0
- accomplishtechnology / phpmydirectory1.2.1 – 1.2.1
- accomplishtechnology / phpmydirectory1.3.0 – 1.3.0
- accomplishtechnology / phpmydirectory1.3.0 – 1.3.0
- accomplishtechnology / phpmydirectory1.3.1 – 1.3.1
- accomplishtechnology / phpmydirectory1.3.2 – 1.3.2
- accomplishtechnology / phpmydirectory1.3.3 – 1.3.3
- accomplishtechnology / phpmydirectory1.3.4 – 1.3.4
- accomplishtechnology / phpmydirectory1.3.5 – 1.3.5
- accomplishtechnology / phpmydirectory1.4.0 – 1.4.0
- accomplishtechnology / phpmydirectory1.4.1 – 1.4.1
- accomplishtechnology / phpmydirectory10.1.3 – 10.1.3