3 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a mymsroot cookie, a different vector than CVE-2007-0491 and CVE-2006-4630...
CVE-2007-0491
CVE-2007-0491 is a PHP remote file inclusion vulnerability in Sky GUNNING MySpeach 3.0.6 and earlier, exploitable via a URL in the my_ms[root] parameter of up.php. The issue is a separate vector from CVE-2006-4630 and affects MySpeach components prior to 3.0.6. The connected records confirm relat...
CVE-2007-0491
PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpeach 3.0.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mymsroot parameter, a different vector than CVE-2006-4630. NOTE: Some of these details are obtained from third party information...