CVE-2007-1165

DBGuestBook 1.1 is affected by three PHP remote file inclusion flaws in includes/ (utils.php, guestbook.php, views.php) triggered by a crafted URL in the dbs_base_path parameter, allowing arbitrary PHP code execution. Root cause: improper handling of dbs_base_path. Public exploit references exist...