Zenphoto 1.4.14 and Earlier: Local File Inclusion Vulnerability with Remote Code Execution and Information Disclosure

Zenphoto 1.4.14 and Earlier: Local File Inclusion Vulnerability with Remote Code Execution and Information Disclosure

CVE-2018-0610 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an administrative privilege to execute arbitrary code or obtain sensitive information.

Learn more about our Web Application Penetration Testing UK.