HybridAuth 'Install. php' Remote Code Execution Vulnerability
Release date:
Updated on:
Affected Systems:
HybridAuth <= 2.1.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69043
HybridAuth is an open-source Web-based authentication and authorization solution that supports multiple social networks at the same time.
HybridAuth 2.1.2 and earlier versions have the remote code execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the affected application.
<* Source: Pichaya Morimoto
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
HybridAuth
----------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://hybridauth.sourceforge.net/
This article permanently updates the link address: