CVE-2015-9227

Published: 2017-09-11T20:29Z

Last Modified: 2024-11-21T02:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_logs.php in AlegroCart 1.2.8 allows remote administrators to execute arbitrary PHP code via a URL in the file_path parameter to upload/admin2. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt