CVE-2007-1247

Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_to_news parameter to (1) listing.php or (2) visview.php.

Link	Resource
http://www.securityfocus.com/bid/22781	Exploit
http://secunia.com/advisories/24351	Vendor Advisory
http://securityreason.com/securityalert/2365
http://osvdb.org/33825
http://osvdb.org/33824
http://www.vupen.com/english/advisories/2007/0808
https://exchange.xforce.ibmcloud.com/vulnerabilities/32770
http://www.securityfocus.com/archive/1/461684/100/0/threaded
http://www.securityfocus.com/archive/1/461680/100/0/threaded

Configuration 1

cpe:2.3:a:aweb_labs:awebnews:1.5:*:*:*:*:*:*:*

---

Published : 2007-03-03 08:19

Updated : 2018-10-16 04:37

---

NVD link : CVE-2007-1247

Mitre link : CVE-2007-1247

No products.

CWE-94