CVE-2007-4325 Information

Description

PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.

Reference

http://osvdb.org/37515 http://secunia.com/advisories/26401 http://securityreason.com/securityalert/2994 http://www.securityfocus.com/archive/1/475950/100/0/threaded http://www.securityfocus.com/bid/25252 http://www.vupen.com/english/advisories/2007/2837