CVE-2015-2945

Name of the Vulnerable Software and Affected Versions mt-phpincgi.php in Hajime Fujimoto mt-phpincgi versions prior to 2015-05-15

Description The issue allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request. This has been exploited in the wild in May 2015.

Recommendations For versions prior to 2015-05-15, update to a version released after 2015-05-15 to resolve the issue. As a temporary workaround, consider restricting access to the mt-phpincgi.php file to minimize the risk of exploitation.