2 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the configinstalldir parameter to 1 search.php, 2 archive.php, 3 comments.php, and 4 news.php; 5 News.php, 6 SendFriend.php, 7...
CVE-2007-1288
Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the configinstalldir parameter to 1 comment.php, 2 themes.php, 3 directory.php, and 4 sendmsg.php in admin/...