CVE-2007-3315 Information

Description

Multiple PHP remote file inclusion vulnerabilities in YourFreeScreamer 1.0 when register_globals is enabled allow remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter to bodyTemplate.php in (1) templates/Classic/ (2) templates/Classic Guestbook/ (3) templates/DarkNights/ and (4) templates/Simplistic/ different vectors than CVE-2007-3271. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://osvdb.org/36891 http://secunia.com/advisories/25728