2 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. NOTE: this issue was later reported to affect 2.01 as well...
CVE-2006-1749
CVE-2006-1749 affects phpListPro 2.0 and earlier. The issue is a PHP remote file inclusion vulnerability where input from the returnpath parameter (in config.php and related scripts) can be used to include arbitrary PHP code, enabling code execution on the server. Exploitation is described as pos...