2 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder CWB PRO 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDEPATH parameter to 1 clsheadlineprod.php, 2 clslistorders.php, or 3 clsviewpastorders.php in include/, different vectors than...
CVE-2007-1513
CVE-2007-1513 describes a PHP remote file inclusion in GraFX Company WebSite Builder (CWB) PRO 1.9.8. When register_globals is enabled, an attacker can supply a URL in INCLUDE_PATH to comanda.php to execute arbitrary PHP code. The available documents do not specify a fixed patch/version or mitiga...