Vulnerabilities > CVE-2022-27257 - Unspecified vulnerability in Hubzilla
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.
Vulnerable Configurations
References
- https://framagit.org/hubzilla/core/-/commit/0784cd593a39a4fc297e8a82f7e79bc8019a0868#1c497fbb3a46b78edf04cc2a2fa33f67e3ffbe2a
- https://framagit.org/hubzilla/core/-/commit/0784cd593a39a4fc297e8a82f7e79bc8019a0868#1c497fbb3a46b78edf04cc2a2fa33f67e3ffbe2a
- https://hubzilla.org/channel/hubzilla/
- https://hubzilla.org/channel/hubzilla/