CVE-2007-1073

CVE-2007-1073

EPSS 2.2%

Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/42619 http://securityreason.com/securityalert/2283 http://www.securityfocus.com/archive/1/459796/100/200/threaded