CVE-2007-5166

Publication date

2007-10-01 00:00:00

Family

mitre

State

PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in SiteSys 1.0a allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) inc/pagehead.inc.php or (2) inc/pageinit.inc.php.