This alert was generated using only banner information. It may be a false positive.
PHP applications can be manipulated into opening arbitrary files on the server, rather than those uploaded by the user.
Affected PHP versions (up to 3.0.16, 4.0.2).
- Upgrade PHP to the latest version.
- Drupal Core 4.6.x Denial of Service (4.6.0 - 4.6.10)
- WordPress 4.7.x Cross-Domain Flash Injection Vulnerability (4.7 - 4.7.8)
- WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Upload (1.2.1)
- WordPress Plugin WP-Print Cross-Site Request Forgery (2.51)
- WordPress Plugin Post Duplicator Cross-Site Scripting (2.16)