2 matches found
CVE-2009-3660
PHP remote file inclusion vulnerability in libraries/database.php in Efront 3.5.4 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: this is only a vulnerability when the administrator does not follow...
CVE-2009-3660
The CVE-2009-3660 issue affects Efront up to version 3.5.4 in the PHP library libraries/database.php. The root cause is a remote file inclusion (RFI) vulnerability when register_globals is enabled, allowing a remote attacker to execute arbitrary PHP code via a URL supplied in the path parameter. ...