CVE-2015-5501

Name of the Vulnerable Software and Affected Versions Hostmaster (Aegir) module versions 6.x-2.x before 6.x-2.4 Hostmaster (Aegir) module versions 7.x-3.x before 7.x-3.0-beta2

Description The issue allows remote attackers to execute arbitrary PHP code via a crafted file in the directory used to write Apache vhost files for hosted sites in a multi-site environment.

Recommendations For Hostmaster (Aegir) module versions 6.x-2.x before 6.x-2.4, update to version 6.x-2.4 or later. For Hostmaster (Aegir) module versions 7.x-3.x before 7.x-3.0-beta2, update to version 7.x-3.0-beta2 or later.