CVE Vulnerabilities

CVE-2007-1018

Published: Feb 21, 2007 | Modified: Nov 15, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Software

Name Vendor Start Version End Version
Vs-news-system Virtualsystem * 1.2.1 (including)

References