3 matches found
CVE-2002-1435
CVE-2002-1435 affects Achievo 0.7.0 through 0.9.1, excluding 0.8.2. The issue allows remote PHP code execution when allow_url_fopen is enabled and a URL in the config_atkroot parameter points to attacker-controlled code. This is a remote file inclusion vulnerability; affected component is a PHP s...
CVE-2002-1435
class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allowurlfopen' setting is enabled via a URL in the configatkroot parameter that points to the code...
CVE-2002-1435
class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allowurlfopen' setting is enabled via a URL in the configatkroot parameter that points to the code...