Vulnerability in N/a

CVE-2007-4921

PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attackers to execute arbitrary PHP code via a URL in the approot parameter.

EPSS: 0.846 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

ADV-2007-3175 (vdb-entry, x_refsource_VUPEN)
38970 (x_refsource_OSVDB, vdb-entry)
4405 (exploit, x_refsource_EXPLOIT-DB)
arfis.wordpress.com/2007/09/14/rfi-02-ajax-file-browser/ (x_refsource_MISC)
ajax-settingsinc-file-include(36604) (vdb-entry, x_refsource_XF)