PHP remote file inclusion vulnerability in form/db_form/employee.php in PHPortal 0.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker
References
Configurations
History
07 Nov 2023, 02:01
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in form/db_form/employee.php in PHPortal 0.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker |
Information
Published : 2007-09-18 20:17
Updated : 2024-04-11 00:42
NVD link : CVE-2007-4950
Mitre link : CVE-2007-4950
CVE.ORG link : CVE-2007-4950
JSON object : View
Products Affected
phportal
- phportal
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')