CVE-2007-1908

2007-04-10T19:19:00
ID CVE-2007-1908
Type cve
Reporter NVD
Modified 2017-10-10T21:32:02

Description

PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.