CVE-2007-0828
MySQLNewsEngine - Remote File Inclusion via newsenginedir Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-0828. PoCs published by Blaster.
AI-analyzed exploit summary This is a writeup describing a remote file inclusion vulnerability in MySQLNewsEngine due to insufficient input sanitization. The vulnerability allows an attacker to include arbitrary files by manipulating the 'newsenginedir' parameter.
Description
PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
Exploits (1)
This is a writeup describing a remote file inclusion vulnerability in MySQLNewsEngine due to insufficient input sanitization. The vulnerability allows an attacker to include arbitrary files by manipulating the 'newsenginedir' parameter.