phpwcms phpwcms_code_snippets/mail_file_form.php Arbitrary PHP Code Execution

2006-04-21T05:32:40
ID OSVDB:25136
Type osvdb
Reporter OSVDB
Modified 2006-04-21T05:32:40

Description

Solution Description

Upgrade to version 1.2.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://www.phpwcms.de/forum/viewtopic.php?t=10958 Secunia Advisory ID:19866 Related OSVDB ID: 25137 ISS X-Force ID: 26130 FrSIRT Advisory: ADV-2006-1556 CVE-2007-7018 CVE-2006-7020