2 matches found
Immunity Canvas: WORDSMITH_INCLUDE
Name| wordsmithinclude ---|--- CVE| CVE-2007-5102 Exploit Pack| CANVAS Description| Wordsmith Remote file inclusion Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: Wordsmith CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5102 CVE Name: CVE-2007-5102...
CVE-2007-5102
CVE-2007-5102 describes a PHP remote file inclusion in Wordsmith 1.0 RC1. When register_globals is enabled, an attacker can trigger arbitrary PHP code execution by supplying a URL in the _path parameter to config.inc.php. The vulnerability stems from unsafely including user-controlled input in th...