2 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in templates/default/header.inc.php in Linux Web Shop LWS php User Base 1.3 BETA allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter...
CVE-2008-1043
Affected software: Linux Web Shop (LWS) PHP User Base 1.3 BETA. Vulnerability type: PHP remote file inclusion in templates/default/header.inc.php. Root cause / vector: remote attackers can supply a URL in the menu parameter, leading to arbitrary PHP code execution. Impact (as stated): arbitrary c...