Description

PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter.

Remediation

References

CVE-2007-4279

Related Vulnerabilities

Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-5542)

WordPress Plugin Acumbamail Information Disclosure (1.0.4)

Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)

Adobe Coldfusion 8 multiple linked XSS vulnerabilies

WordPress Plugin Flat Preloader Cross-Site Scripting (1.5.4)

Severity

High

Classification

CVE-2007-4279

Tags

Missing Update Known Vulnerabilities