CVE-2007-0831 Information
Description
LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple PHP remote file inclusion vulnerabilities in Atsphp 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the CONF[path] parameter to (1) index.php (2) sources/usercp.php or (3) sources/admin.php. NOTE: Another researcher has disputed this vulnerability noting that CONF[path] is defined before use in index.php that CONF[path] inclusion cannot occur through a direct request to other affected files and that usercp.php is a typo of user_cp.php.
Reference
http://www.securityfocus.com/archive/1/458581/100/100/threaded http://www.securityfocus.com/archive/1/458600/100/0/threaded
Share on: