The document describes a remote file inclusion vulnerability in YACS 6.6.1 due to improper input sanitization. It lists multiple endpoints where an attacker can inject arbitrary remote PHP code via the 'context[path_to_root]' parameter.
Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:YACS 6.6.1
No auth needed
Prerequisites:Access to vulnerable YACS instance · Ability to host malicious PHP file on attacker-controlled server