CVE-2008-0648 Information

Description

Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0.9.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) indexFooter.php; and (2) DatabaseManager.php (3) FieldManager.php (4) Filter.php (5) Form.php (6) FormManager.php (7) LoginManager.php and (8) Filters/SingleFilter.php in scripts/classes/.

Reference

http://www.securityfocus.com/bid/27640 https://www.exploit-db.com/exploits/5068