3 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in skinshop/standard/2viewbody/bodydefault.php in TECHNOTE 7.2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the shopthisskinpath parameter, a different vector than CVE-2008-4138...
CVE-2009-0441
CVE-2009-0441 describes a PHP remote file inclusion in TECHNOTE 7.2’s skin_shop/standard/2_view_body/body_default.php. The vulnerability occurs when register_globals is enabled and allows an attacker to execute arbitrary PHP code by supplying a URL in the shop_this_skin_path parameter (a differen...
CVE-2008-4138
PHP remote file inclusion vulnerability in skinshop/standard/3plugintwindow/twindownotice.php in TECHNOTE 7 allows remote attackers to execute arbitrary PHP code via a URL in the shopthisskinpath parameter...