RSS   Vulnerabilities for 'Anyinventory'   RSS

2007-09-06
 
CVE-2007-4744

CWE-20
 

 
PHP remote file inclusion vulnerability in environment.php in AnyInventory 1.9.1 and 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PREFIX parameter.

 


Copyright 2017, cxsecurity.com