Multiple PHP remote file inclusion vulnerabilities in Rezervi Generic 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) datumVonDatumBis.inc.php, (2) footer.inc.php, (3) header.inc.php, and (4) stylesheets.php in templates/; and (5) wochenuebersicht.inc.php, (6) monatsuebersicht.inc.php, (7) jahresuebersicht.inc.php, and (8) tagesuebersicht.inc.php in belegungsplan/.
References
Configurations
History
No history.
Information
Published : 2007-04-19 10:19
Updated : 2024-02-28 11:01
NVD link : CVE-2007-2156
Mitre link : CVE-2007-2156
CVE.ORG link : CVE-2007-2156
JSON object : View
Products Affected
rezervi_generic
- rezervi_generic
CWE