CVE-2004-0132 Information

Description

Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php or (2) the GLOBALS[language_home] parameter to archivednews.php and a malicious version of lang_admin.php.

Reference

http://marc.info/?l=bugtraq&m=107651585921958&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15135