Mfp.C

Name of the Vulnerable Software and Affected Versions: J-Pierre DEZELUS Les Visiteurs version 2.0.1 phpMyConferences version 8.0.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `lvc modules dir` parameter in the common/visiteurs/include/library.inc.php file. This is due to a remote file inclusion vulnerability. Recommendations: For J-Pierre DEZELUS Les Visiteurs version 2.0.1, consider restricting access to the `library.inc.php` file to minimize the risk of exploitation. For phpMyConferences version 8.0.2, avoid using the `lvc modules dir` parameter in the affected API endpoint until the issue is resolved.