CVE-2007-1908

2007-04-10T23:19:00
ID CVE-2007-1908
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:32:00

Description

PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.