Description
Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php.
Affected products
- brothersoft / saurus_cms4.7.0 – 4.7.0