CVE-2007-2460
CVE-2007-2460 is a PHP remote file inclusion vulnerability affecting FireFly 1.1.01 and earlier. The issue exists in modules/admin/include/config.php, where an attacker can cause arbitrary PHP code execution by supplying a URL in the DOCUMENT_ROOT parameter. The root cause is a flawed handling of...