Vulnerabilities > Mcrefer

DATE CVE VULNERABILITY TITLE RISK
2007-02-22 CVE-2007-1073 Remote Security vulnerability in McRefer
Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.
network
low complexity
mcrefer
critical
10.0