2 matches found
CVE-2007-0182
CVE-2007-0182 concerns multiple PHP remote file inclusion vulnerabilities in a “magic photo storage” website. The issue arises from unsafely using the _config[site_path] parameter to load files under admin/, include/, and user/ directories (e.g., admin_password.php, add_welcome_text.php, admin_em...
CVE-2007-0181
The CVE-2007-0181 entry describes a PHP remote file inclusion in the magic photo storage website, triggered through the _config[site_path] parameter in include/common_function.php. The underlying issue is insufficient validation of a URL-like value, allowing an attacker to cause arbitrary PHP cod...