2 matches found
DSquare Exploit Pack: D2SEC_SQLITEMANAGER
Name| d2secsqlitemanager ---|--- CVE| CVE-2007-1232 Exploit Pack| D2ExploitPack Description| SQLiteManager Local File Include Vulnerability Notes|...
CVE-2007-1232
SQLiteManager 1.2.0 is affected by a Local File Include due to improper sanitization of the SQLiteManager_currentTheme cookie, which is used to include include/config.inc.php. The flaw allows an unauthenticated, remote attacker to read arbitrary files or execute PHP code on the remote host (subje...