Description
PHP remote file inclusion vulnerability in admin/admin_news_bot.php in Drunken:Golem Gaming Portal 0.5.1 alpha 2 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter, a different vector than CVE-2007-0572.
Exploits (1)
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53136
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/9635
Scores
EPSS
0.0146
EPSS Percentile
81.0%
Details
CWE
CWE-94
Status
published
Products (1)
legrinder/drunken\
golem_gaming_portal 0.5.1
Published
Jan 18, 2010
Tracked Since
Feb 18, 2026