CVE-2007-2941 Information

Description

Multiple PHP remote file inclusion vulnerabilities in the creator in vBulletin Google Yahoo Site Map (vBGSiteMap) 2.41 for vBulletin allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) vbgsitemap/vbgsitemap-config.php or (2) vbgsitemap/vbgsitemap-vbseo.php.

Reference

http://osvdb.org/38084 http://osvdb.org/38085 http://www.securityfocus.com/bid/24169 https://exchange.xforce.ibmcloud.com/vulnerabilities/34531 https://www.exploit-db.com/exploits/3990