Description
PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by CrAsh_oVeR_rIdE · perlwebappsphp
https://www.exploit-db.com/exploits/1954
References (6)
Scores
EPSS
0.0237
EPSS Percentile
85.0%
Details
Status
published
Products (1)
dreamcost/dreamaccount
3.1
Published
Dec 02, 2006
Tracked Since
Feb 18, 2026