WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability

No description provided by source. \ /\ / | \ | / // / | | \ \ Y / | / / \ /\| /\ / / / / / .OR.ID ECHOADV74$2007 ------------------------------------------------------------------------------------- ECHOADV74$2007 WebCreator = 0.2.6-rc3 moddir Remote File Inclusion Vulnerability...

CVE-2007-1459

CVE-2007-1459 affects WebCreator 0.2.6-rc3 and earlier, enabling PHP remote file inclusion via the moddir parameter to content/load.inc.php, config/load.inc.php, http/load.inc.php, and other files. The underlying issue allows remote attackers to execute arbitrary PHP code on affected installation...