PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter.
References
Configurations
History
No history.
Information
Published : 2007-12-28 21:46
Updated : 2024-02-28 11:01
NVD link : CVE-2007-6568
Mitre link : CVE-2007-6568
CVE.ORG link : CVE-2007-6568
JSON object : View
Products Affected
xzero_scripts
- xzero_community_classifieds
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')