Required CVE Record Information
Description
PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156.
References 7 Total
- exchange.xforce.ibmcloud.com: rezervi-mailinc-file-include(55341) vdb-entry
- securityfocus.com: 37589 vdb-entry
- exploit-db.com: 10967 exploit
- http://packetstormsecurity.org/1001-exploits/rezervi-rfi.txt
- vupen.com: ADV-2010-0016 vdb-entry
- secunia.com: 38118 third-party-advisory
- osvdb.org: 61450 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- exchange.xforce.ibmcloud.com: rezervi-mailinc-file-include(55341) vdb-entryx_transferred
- securityfocus.com: 37589 vdb-entryx_transferred
- exploit-db.com: 10967 exploitx_transferred
- http://packetstormsecurity.org/1001-exploits/rezervi-rfi.txt x_transferred
- vupen.com: ADV-2010-0016 vdb-entryx_transferred
- secunia.com: 38118 third-party-advisoryx_transferred
- osvdb.org: 61450 vdb-entryx_transferred