2 matches found
Immunity Canvas: WORDTUBE_REMOTE
Name| wordtuberemote ---|--- CVE| CVE-2007-2481 Exploit Pack| CANVAS Description| WordPress Plugin WordTube Remote Include Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: alexrabe.boelinger.com CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2481 CVE Name: CVE-2007-2481...
CVE-2007-2481
The WordTube WordPress plugin (versions ≤ 1.43) is vulnerable to a Remote File Inclusion via the wpPATH parameter when register_globals is enabled. This can allow an attacker to execute arbitrary PHP code on the server. The affected component is the wordtube-button.php in WordTube 1.43 and earlie...