Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode that can result in allows admins to execute any PHP file in the filesystem. This attack appear to be exploitable via Attacker must be have access to an admin account on the target site. This vulnerability appears to have been fixed in 2.8.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-06-26T16:00:00
Updated: 2024-08-05T12:40:47.052Z
Reserved: 2018-06-12T00:00:00
Link: CVE-2018-1000504
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-06-26T16:29:00.570
Modified: 2024-11-21T03:40:03.997
Link: CVE-2018-1000504
Redhat
No data.