Description
PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Filip Groszynski · textwebappsphp
https://www.exploit-db.com/exploits/870
References (4)
Core 4
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.stadtaus.com/forum/t-1579.html
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14513
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110996056601719&w=2
Various Sources x_refsource_misc
http://www.stadtaus.com/forum/p-5895.html
Scores
EPSS
0.0279
EPSS Percentile
86.1%
Details
Status
published
Published
Mar 07, 2005
Tracked Since
Feb 18, 2026