CVE-2007-4950

2007-09-18T20:17:00
ID CVE-2007-4950
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:33:00

Description

DISPUTED PHP remote file inclusion vulnerability in form/db_form/employee.php in PHPortal 0.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker.