Description

PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter.

Remediation

References

CVE-2007-4279

Related Vulnerabilities

Oracle Database Server Other Vulnerability (CVE-2006-5343)

WordPress Plugin WP Mass Mail Open Email Relay (2.45)

AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26118)

Apache HTTP Server Other Vulnerability (CVE-1999-0926)

WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.22.8)

Severity

High

Classification

CVE-2007-4279

Tags

Missing Update Known Vulnerabilities