Vulnerabilities > CVE-2007-1924 - Unspecified vulnerability in PHPcontact
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) contact_business.php or (2) contact_person.php. NOTE: this issue is disputed by CVE and a reliable third party, because include_path is initialized to a fixed value before use
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://securityreason.com/securityalert/2528
- http://securityreason.com/securityalert/2528
- http://www.attrition.org/pipermail/vim/2007-April/001495.html
- http://www.attrition.org/pipermail/vim/2007-April/001495.html
- http://www.securityfocus.com/archive/1/464877/100/0/threaded
- http://www.securityfocus.com/archive/1/464877/100/0/threaded