VULHUB ™

IdeaBox is prone to a remote file include vulnerability. Remote users may possibly influence the include path for some scripts. As a result, a remote attacker could specify an include path which points to a malicious PHP script with the same name on an external attacker-controlled host. Exploitation will result in the malicious PHP script being executed with the privileges of the web server hosting the vulnerable software.

IdeaBox is prone to a remote file include vulnerability. Remote users may possibly influence the include path for some scripts. As a result, a remote attacker could specify an include path which points to a malicious PHP script with the same name on an external attacker-controlled host. Exploitation will result in the malicious PHP script being executed with the privileges of the web server hosting the vulnerable software.