2 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 SERWEBconfigdir parameter to loadlang.php, 2 SERWEBfunctionsdir parameter to mainprepend.php, and the 3 PHPLIBlibdir parameter to...
CVE-2007-3359
CVE-2007-3359 describes multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the _SERWEB[serwebdir] parameter to either html/load_apu.php or html/mail_prepend.php. The vulnerability ori...