1 matches found
CVE-2003-0394
objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Serverpath parameter that points to malicious code on an attacker-controlled web site...