Vulnerability in N/a
CVE-2007-4232
PHP remote file inclusion vulnerability in admin/inc/change_action.php in Andreas Robertz PHPNews 0.93 allows remote attackers to execute arbitrary PHP code via a URL in the format_menue parameter.
EPSS: 0.766 (99.0th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- ADV-2007-2810 (vdb-entry, x_refsource_VUPEN)
- 25223 (vdb-entry, x_refsource_BID)
- 4268 (exploit, x_refsource_EXPLOIT-DB)
- phpnews-changeaction-file-include(35835) (vdb-entry, x_refsource_XF)