Vulnerabilities > CVE-2007-1024 - Remote File Include vulnerability in Marcello Vitagliano Meganoides News 1.1.1

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
marcello-vitagliano
critical
exploit available
NVD
Published: 2007-02-21
Updated: 2018-10-16

Summary

PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter.

Vulnerable Configurations

Part Description Count
Application
Marcello_Vitagliano
1

Exploit-Db

descriptionMeganoide's News 1.1.1 Include.PHP Remote File Include Vulnerability. CVE-2007-1024. Webapps exploit for php platform
idEDB-ID:29609
last seen2016-02-03
modified2007-02-16
published2007-02-16
reporterKaRTaL
sourcehttps://www.exploit-db.com/download/29609/
titleMeganoide's News 1.1.1 Include.PHP Remote File Include Vulnerability

References