CVE-2007-0787

2007-02-06T19:28:00
ID CVE-2007-0787
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:30:00

Description

PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows remote attackers to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information. Successful exploitation requires that "register_globals" is enabled and "magic_quotes_gpc" is disabled.