Multiple vulnerabilities have been identified in GoSamba, which could be exploited by attackers to execute arbitrary commands. These issues are caused by input validation errors various scripts (e.g. "inc_group.php" or "inc_manager.php") when processing the "include_path" parameter, which could be exploited by remote attackers to include malicious scripts and execute arbitrary commands with the privileges of the web server.
Vulnerable Products
Vulnerable Software: GoSamba version 1.0.1 and prior
