2 matches found
CVE-2007-2327
PHP remote file inclusion vulnerability in editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settingsappdir parameter...
CVE-2007-2327
CVE-2007-2327 affects HTMLeditbox 2.2. The vulnerability is a PHP remote file inclusion in _editor.php triggered by a URL in settings[app_dir], allowing remote code execution. Root cause is improper handling of the app_dir parameter enabling inclusion of attacker-controlled PHP. Exploitation deta...