VULHUB ™

PEEL is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a value for some parameters. If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver. Successful exploitation may provide local access to the attacker.

PEEL is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a value for some parameters. If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver. Successful exploitation may provide local access to the attacker.