CVE-2008-4141

Publication date

2008-09-19 18:00:00

Family

mitre

State

PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in x10Media x10 Automatic MP3 Script 1.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the web_root parameter to (1) includes/function_core.php and (2) templates/layout_lyrics.php.