2 matches found
CVE-2007-0485
CVE-2007-0485 describes a PHP remote file inclusion in WebChat 0.77. The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the WEBCHATPATH parameter of defines.php. Documents confirm the affected component is WebChat and the vulnerability is triggered via a remote includ...
WebChat defines.php WEBCHATPATH Parameter Remote File Inclusion
The version of Webchat installed on the remote host allows an attacker to read local files or execute PHP code, possibly taken from third- party sites, subject to the permissions of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: From: "Frog Man" To:...