CVE-2007-1165 Information

Description

Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the dbs_base_path parameter to (1) utils.php (2) guestbook.php or (3) views.php in includes/.

Reference

http://osvdb.org/33493 http://osvdb.org/33494 http://osvdb.org/33495 http://www.securityfocus.com/bid/22658 http://www.vupen.com/english/advisories/2007/0693 https://www.exploit-db.com/exploits/3354