CVE-2007-3220
CVE-2007-3220 affects the Cjay Content 3 module for XOOPS, specifically admin/editor2/spaw_control.class.php, where the spaw_root parameter enables PHP remote file inclusion. The underlying issue is improper handling/validation of spaw_root, allowing an attacker to cause arbitrary PHP code execut...