CVE-2007-1073

CVE-2007-1073

EPSS 2.2%

Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://osvdb.org/42619 http://securityreason.com/securityalert/2283 http://www.securityfocus.com/archive/1/459796/100/200/threaded