Vulnerability in N/a
CVE-2007-4279
PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter.
EPSS: 0.855 (99.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/ (x_refsource_MISC)
- fa-config-file-include(35873) (vdb-entry, x_refsource_XF)
- 26350 (x_refsource_SECUNIA, third-party-advisory)
- 4269 (exploit, x_refsource_EXPLOIT-DB)
- 36431 (x_refsource_OSVDB, vdb-entry)
- ADV-2007-2809 (vdb-entry, x_refsource_VUPEN)
- 25229 (vdb-entry, x_refsource_BID)