VULHUB ™

It has been reported that PhpGedView may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because remote users may influence the 'PGV_BASE_DIRECTORY' variable in the [GED_File]_conf.php module, which specifies an include path. PhpGedView versions 2.65.1 and prior have been reported to be prone to this issue. This issue may be related to PhpGedView Multiple PHP Remote File Include Vulnerabilities BID 9368.

It has been reported that PhpGedView may be prone to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The problem reportedly exists because remote users may influence the 'PGV_BASE_DIRECTORY' variable in the [GED_File]_conf.php module, which specifies an include path. PhpGedView versions 2.65.1 and prior have been reported to be prone to this issue. This issue may be related to PhpGedView Multiple PHP Remote File Include Vulnerabilities BID 9368.