CVE-2008-6983

2009-08-19T01:24:52
ID CVE-2008-6983
Type cve
Reporter NVD
Modified 2017-09-28T21:33:27

Description

modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gv_folder_data parameter, as demonstrated by modifying modules/tool/url2header.php.