Vulnerabilities > CVE-2007-3353 - Unspecified vulnerability in Mywebland Myevent 1.6

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mywebland

NVD

Published: 2007-06-22

Updated: 2024-04-11

Summary

PHP remote file inclusion vulnerability in includes/template.php in MyEvent 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter. NOTE: a reliable third party disputes this issue, saying "the entire file is a class.

Vulnerable Configurations

Part	Description	Count
Application	Mywebland Mywebland Myevent 1.6	1

References

http://marc.info/?l=bugtraq&m=118080045229127&w=2
http://osvdb.org/36230
http://www.securityfocus.com/archive/1/470348/100/200/threaded