Release DateJul 04, 2007 |
Severitylow |
ImpactSystem compromise. |
DescriptionIdan Sofer PHP::HTML has a remote file include vulnerability. A remote attacker could execute an arbitrary script on a vulnerable web server, with the privileges of the server, via a specially-crafted URL request to the 'phphtml' script, using the 'htmlclass_path' parameter to specify a malicious PHP file from a remote system. |
Affected ProductsPHP::HTML version 0.6.4 and prior. |
Recommended ActionsCurrently we are not aware of any official supplied fix for this issue. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-3230 |
Reference/shttp://www.securityfocus.com/bid/24477 (BugTraq) |
