Max Cerny

Name of the Vulnerable Software and Affected Versions: phpMyVisites version 1.3 Description: The issue allows remote attackers to read and include arbitrary files. This is achieved via the `mylang` parameter in the set lang.php file. Recommendations: For phpMyVisites version 1.3, consider restricting access to the set lang.php file or validating and sanitizing the `mylang` parameter to prevent the inclusion of arbitrary files. As a temporary workaround, consider disabling the set lang.php file until a patch is available.