CVE-2007-0596 Information

Description

PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter.

Reference

http://acid-root.new.fr/poc/21070125.txt http://osvdb.org/33593 http://www.securityfocus.com/archive/1/458076/100/0/threaded http://www.securityfocus.com/archive/1/458123/100/0/threaded PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter.