ThreatPress

WordPress Vulnerabilities Database

Back

WordPress DM Albums Plugin 1.9.2 - Remote File Inclusion Vulnerability

Product
DM Albums
Description
Remote File Include (RFI) vulnerability was found in album.php file. It allows an attacker to include a remote file and get access to the server.
Solution
Update plugin.
Classification
Type Remote File Inclusion
References
Exploit-DB
CVE
Name CVE-2009-2396
Versions
Affected In <= 1.9.2
Fixed In 1.9.3
Disclosure date
2009-06-29
Credits
Septemb0x