Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0b allow remote attackers to execute arbitrary PHP code via a URL in the g_root_dir parameter to (1) admin_page_open.php and (2) client_page_open.php in global/templates/.
References
Configurations
History
No history.
Information
Published : 2007-12-20 00:46
Updated : 2024-02-28 11:01
NVD link : CVE-2007-6464
Mitre link : CVE-2007-6464
CVE.ORG link : CVE-2007-6464
JSON object : View
Products Affected
form_tools
- form_tools
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')