Filtered by vendor Mundi King
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-2095 | 1 Mundi King | 1 Mundi Mail | 2017-09-28 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in template/simpledefault/admin/_masterlayout.php in Mundi Mail 0.8.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the top parameter. NOTE: when allow_url_fopen is disabled, directory traversal attacks are possible to include and execute arbitrary local files. |