2 matches found
CVE-2007-3353
PHP remote file inclusion vulnerability in includes/template.php in MyEvent 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the myeventpath parameter. NOTE: a reliable third party disputes this issue, saying "the entire file is a class...
CVE-2007-3353
The CVE-2007-3353 vulnerability affects MyEvent 1.6, specifically in includes/template.php, where a remote file inclusion can occur via the myevent_path parameter to execute arbitrary PHP code. The root cause is an improper handling of the URL parameter, enabling code execution on the server. A t...