CVE-2010-0367 Information

Description

Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta and possibly 2.04 allow remote attackers to execute arbitrary PHP code via a URL in the rowptem[template] parameter to (1) showcasesearch.php and (2) showcase2search.php.

Reference

http://www.packetstormsecurity.com/1001-exploits/bitsvs-xssuploadrfi.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/55740