Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/; (5) admin.php and (6) index.php in admini/; (7) paypalipn/ipnprocess.php; (8) index.php and (9) registration.php in members/; and (10) ppcbannerclick.php and (11) ppcclick.php in main/.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/2134 - | |
References | () http://www.attrition.org/pipermail/vim/2007-January/001221.html - | |
References | () http://www.osvdb.org/33444 - | |
References | () http://www.osvdb.org/33445 - | |
References | () http://www.osvdb.org/33446 - | |
References | () http://www.osvdb.org/33447 - | |
References | () http://www.osvdb.org/33448 - | |
References | () http://www.osvdb.org/33449 - | |
References | () http://www.osvdb.org/33450 - | |
References | () http://www.osvdb.org/33451 - | |
References | () http://www.osvdb.org/33452 - | |
References | () http://www.osvdb.org/33453 - | |
References | () http://www.osvdb.org/33454 - | |
References | () http://www.securityfocus.com/archive/1/456386/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/21961 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/31355 - | |
References | () https://www.exploit-db.com/exploits/3104 - |
Information
Published : 2007-01-10 01:28
Updated : 2024-11-21 00:25
NVD link : CVE-2007-0167
Mitre link : CVE-2007-0167
CVE.ORG link : CVE-2007-0167
JSON object : View
Products Affected
wgs-ppc
- wgs-ppc
ppc_search_engine
- ppc_search_engine
CWE