A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the loading of a PHP file on the server, leading to a critical webshell exploit.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-11-03T11:01:55.931Z

Updated: 2024-09-05T15:09:56.489Z

Reserved: 2023-08-29T08:19:29.525Z

Link: CVE-2023-4591

cve-icon Vulnrichment

Updated: 2024-08-02T07:31:06.612Z

cve-icon NVD

Status : Modified

Published: 2023-11-03T12:15:08.800

Modified: 2024-11-21T08:35:30.037

Link: CVE-2023-4591

cve-icon Redhat

No data.