CVE-2007-2937
TROforum 0.1 must vulnerable through admin/admin.php’s site_url parameter, enabling a remote file inclusion that allows arbitrary PHP code execution. Root cause: improper handling of external URLs in site_url. Severity: CVSS v2 base score 7.5 (HIGH). No remediation details are provided in the ava...