CVE-2004-0030 Information

Description

PHP remote file inclusion vulnerability in (1) functions.php (2) authentication_index.php and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code.

Reference

http://marc.info/?l=bugtraq&m=107340840209453&w=2 http://secunia.com/advisories/10565 http://www.osvdb.org/3343 http://www.securityfocus.com/bid/9368 http://www.securitytracker.com/id?1008632 https://exchange.xforce.ibmcloud.com/vulnerabilities/14159