CVE-2024-1115 | openBI up to 1.0.8 Setting.php dlfile phpPath os command injection

CVE-2024-1115 | openBI up to 1.0.8 Setting.php dlfile phpPath os command injection

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The identification of this vulnerability is CVE-2024-1115. The attack may be initiated remotely. Furthermore, there is an exploit available.