Vulnerability in N/a
CVE-2008-1903
PHP remote file inclusion vulnerability in news_show.php in Newanz NewsOffice 1.0 and 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsoffice_directory parameter.
EPSS: 0.672 (98.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 29797 (x_refsource_SECUNIA, third-party-advisory)
- newsoffice-newsshow-file-include(41770) (vdb-entry, x_refsource_XF)
- 5429 (exploit, x_refsource_EXPLOIT-DB)
- 28748 (vdb-entry, x_refsource_BID)