CVE-2007-1924

Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to 1 contactbusiness.php or 2 contactperson.php. NOTE: this issue is disputed by CVE and a reliable third party, because includepath is...

CVE-2007-1924

CVE-2007-1924 affects phpContact and describes PHP remote file inclusion via a URL in the include_path parameter to contact_business.php or contact_person.php. The underlying issue is that include_path can be manipulated to cause arbitrary PHP code execution, with the CVSS-like data indicating ne...

PT-2007-3269 · Phpcontact · Phpcontact

Name of the Vulnerable Software and Affected Versions: phpContact affected versions not specified Description: The issue concerns remote file inclusion vulnerabilities in phpContact, potentially allowing remote attackers to execute arbitrary PHP code. This is achieved by manipulating the include...

phpcontact-rfi.txt

/ phpContact Multiple Remote File Inclusion Vulnerabilities / //Author: Arham Muhammad //Vulnerable Files: /contactbusiness.php, /contactperson.php //Source: http://codewand.org/download/phpContact.zip //Vulnerable Code: include$includepath . "includesession.inc.php"; //Expl0it:...