Vulnerabilities > Alexscriptengine > Download Engine > 1.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-04-26 | CVE-2007-2289 | Remote Security vulnerability in Alexscriptengine Download-Engine 1.4.1 PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs/insert_link.php in download engine (Download-Engine) 1.4.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the spaw_root parameter, a different vector than CVE-2007-2255. | 7.5 |