** DISPUTED ** PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to execute arbitrary PHP code via a URL in the YAPIG_PATH parameter. NOTE: this issue has been disputed by CVE, since YAPIG_PATH is defined before use.
References
Configurations
History
No history.
Information
Published : 2007-09-18 20:17
Updated : 2024-08-07 16:15
NVD link : CVE-2007-4951
Mitre link : CVE-2007-4951
CVE.ORG link : CVE-2007-4951
JSON object : View
Products Affected
yapig
- yapig
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')