CVE-2007-1104

Name of the Vulnerable Software and Affected Versions PHP Module Implementation (PHP-MIP) version 0.1

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter. This is a result of a remote file inclusion vulnerability in the top.php file.

Recommendations For PHP Module Implementation (PHP-MIP) version 0.1, avoid using the laypath parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the top.php file to minimize the risk of exploitation.