CVE-2008-2981 Information

Description

PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2 when register_globals is enabled allows remote attackers to execute arbitrary PHP code via a URL in the thumb_template parameter.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/43256 https://www.exploit-db.com/exploits/5903