CVE-2007-1771

Name of the Vulnerable Software and Affected Versions: Ay System Solutions Web Content System (WCS) version 2.7.1

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter in the manage/javascript/formjavascript.php file.

Recommendations: For version 2.7.1, consider restricting access to the manage/javascript/formjavascript.php file to minimize the risk of exploitation. Avoid using the path[JavascriptEdit] parameter in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.