CVE-2023-49544

A local file inclusion (LFI) in Customer Support System v1 allows attackers to include internal PHP files and gain unauthorized acces via manipulation of the page= parameter at /customer_support/index.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt