Vulnerabilities > CVE-2007-1073 - Remote Security vulnerability in McRefer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |