PHP remote file include vulnerability in Yawp library 1.0.6 and earlier, as used in YaWiki and possibly other products, allows remote attackers to include arbitrary files via the _Yawp[conf_path] parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yawp | yawp | 1.0.3 |
| yawp | yawp | 1.0.1 |
| yawp | yawp | 1.0.5 |
| yawp | yawp | 1.0.4 |
| yawp | yawp | 1.0.0 |
| yawp | yawp | 1.0.6 |
| yawp | yawp | 1.0.2 |