2 matches found
Magic News Plus 1.0.2 preview.php php_script_path Parameter Remote File Inclusion
No description provided by source...
CVE-2007-1141
PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpscriptpath parameter. NOTE: This issue may overlap CVE-2006-0723...