PHP remote file inclusion vulnerability in show_joined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation16 reference(s) from NVD