CVE-2008-6983

2009-08-19T05:24:00
ID CVE-2008-6983
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:33:00

Description

modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gv_folder_data parameter, as demonstrated by modifying modules/tool/url2header.php.