2 matches found
Immunity Canvas: NEWSOFFICE_INCLUDE
Name| newsofficeinclude ---|--- CVE| CVE-2008-1903 Exploit Pack| CANVAS Description| NewsOffice 1.1 Remote File Include Vulnerabilitiy Notes| CVE Name: CVE-2008-1903 VENDOR: Newanz.com Repeatability: Infinite References: http://securityreason.com/exploitalert/3732 CVE Url:...
CVE-2008-1903
CVE-2008-1903 affects NewsOffice 1.0 and 1.1. It is a PHP remote file inclusion vulnerability in news_show.php that is triggered when register_globals is enabled, allowing an attacker to supply a URL via the newsoffice_directory parameter to execute arbitrary PHP code on the server.