WordPress DM Albums Plugin 1.9.2 - Remote File Inclusion Vulnerability

dm-albums

Software
DM Albums
Versions
<= 1.9.2
Disclosure date
2009-06-29
CVE
CVE-2009-2396
References
Credits
Classification
Remote File Inclusion
OWASP Top 10

Are your websites subject to this vulnerability?

Details

Remote File Include (RFI) vulnerability was found in album.php file. It allows an attacker to include a remote file and get access to the server.

Solution

Update plugin.

Found a vulnerability that puts your sites at risk?

Found a vulnerability? Help us secure the web and join our community of ethical hackers.

Are you the developer of this software? Hire our researchers for a thorough security audit.