CVE-2007-1017

2007-02-21T11:28:00
ID CVE-2007-1017
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:31:00

Description

PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. Successful exploitation requires that "register_globals" is enabled.