CVE-2007-1167

Name of the Vulnerable Software and Affected Versions deV!L`z Clanportal (DZCP) versions 1.4.5 and earlier

Description The issue allows remote attackers to obtain MySQL data. This is achieved by exploiting the file parameter in the inc/filebrowser/browser.php file, specifically by manipulating the inc/mysql.php value.

Recommendations For versions 1.4.5 and earlier, consider restricting access to the inc/filebrowser/browser.php file and the inc/mysql.php script to minimize the risk of exploitation. Avoid using the file parameter in the inc/filebrowser/browser.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.