FreeBSD : phplist -- local file inclusion vulnerability (40774927-f6b4-11dd-94d9-0030843d3802)
High Nessus Plugin ID 35623
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Input passed to the '_SERVER[ConfigFile]' parameter in admin/index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.
SolutionUpdate the affected package.