Multiple PHP remote file inclusion vulnerabilities in Rezervi Generic 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) datumVonDatumBis.inc.php, (2) footer.inc.php, (3) header.inc.php, and (4) stylesheets.php in templates/; and (5) wochenuebersicht.inc.php, (6) monatsuebersicht.inc.php, (7) jahresuebersicht.inc.php, and (8) tagesuebersicht.inc.php in belegungsplan/.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-04-19T10:00:00
Updated: 2024-08-07T13:23:50.816Z
Reserved: 2007-04-19T00:00:00
Link: CVE-2007-2156
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-04-19T10:19:00.000
Modified: 2017-10-11T01:32:06.737
Link: CVE-2007-2156
Redhat
No data.