2 matches found
aWebNews 1.1 listing.php path_to_news Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22781/info aWebNews is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the...
CVE-2007-1247
Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the pathtonews parameter to 1 listing.php or 2 visview.php...