PHP remote file inclusion vulnerability in im.php in Laffer 0.3.2.6 and 0.3.2.7 allows remote attackers to execute arbitrary PHP code via the CFG_PATH variable.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-07-20