2 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in include/blocks/weekevents.php in MyNews 4.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConfpathsysindex parameter, a different vector than CVE-2007-0633...
CVE-2007-0633
CVE-2007-0633 describes a PHP remote file inclusion in MyNews 4.2.2 and earlier. The flaw is triggered by passing a URL in myNewsConf[path][sys][index], through which an attacker can execute arbitrary PHP code. Affected product is MyNews (version 4.2.2 and earlier); root cause: improper handling ...