Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere

DATE CVE VULNERABILITY TITLE RISK
2004-01-20 CVE-2004-0030 Inclusion of Functionality from Untrusted Control Sphere vulnerability in PHPgedview 2.61
PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code.
network
low complexity
phpgedview CWE-829
critical
9.8