Civi

1 exploit Active since Oct 2007
CVE-2007-5697 EXPLOITDB text WORKING POC
PHP Image 1.2 - Remote Code Execution via xarg Parameter
Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the xarg parameter to (1) xarg_corner.php, (2) xarg_corner_bottom.php, and (3) xarg_corner_top.php.