CVE-2007-4329 – Web News 1.1 - 'feed.php?config[root_ordner]' Remote File Inclusion

https://notcve.org/view.php?id=CVE-2007-4329

Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Web News 1.1 permiten a atacantes remotos ejecutar código PHP de su elección mediante un URL en el parámetro config[root_ordner] de (1) index.php, (2) news.php, o (3) feed.php. • https://www.exploit-db.com/exploits/30482 https://www.exploit-db.com/exploits/30481 https://www.exploit-db.com/exploits/30483 http://osvdb.org/36427 http://osvdb.org/36428 http://osvdb.org/36429 http://secunia.com/advisories/26398 http://securityreason.com/securityalert/2998 http://www.securityfocus.com/archive/1/475956/100/0/threaded http://www.securityfocus.com/bid/25257 http://www.vupen.com/english/advisories/2007/2839 https://exchange.xforce.ibmcloud.com/vul •