Security Advisory

CVE-2007-1715

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-03-27 21:00:00

Last updated 2024-08-07 13:06:26

Assigner mitre

State PUBLISHED

Description

PHP remote file inclusion vulnerability in frontpage.php in Free Image Hosting 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the forgot_pass.php vector is already covered by CVE-2006-5670, and the login.php vector overlaps CVE-2006-5763.

← Browse all CVEs View on cve.org ↗