CVE-2007-3524

2007-07-03T18:30:00
ID CVE-2007-3524
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:29:00

Description

Multiple PHP remote file inclusion vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) admin/includes/author_panel_header.php or (2) admin/includes/admin_header.php. Successful exploitation of this vulnerability requires that "register_globals" is enabled.