Vulnerabilities > CVE-2007-0787 - Local File Include vulnerability in Simple Invoices Simple Invoices 20070202
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
simple-invoices
Summary
PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows remote attackers to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information. Successful exploitation requires that "register_globals" is enabled and "magic_quotes_gpc" is disabled.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |