Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645.
References
Configurations
History
No history.
Information
Published : 2008-02-28 21:44
Updated : 2024-02-28 11:01
NVD link : CVE-2008-1068
Mitre link : CVE-2008-1068
CVE.ORG link : CVE-2008-1068
JSON object : View
Products Affected
portail_web_php
- portail_web_php
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')