CVE-2007-1787

Name of the Vulnerable Software and Affected Versions: Softerra Time-Assistant versions 6.2 and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the inc dir or lib dir parameters when register globals is enabled.

Recommendations: For Softerra Time-Assistant versions 6.2 and earlier, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the lib/timesheet.class.php file to minimize the risk of exploitation. Avoid using the inc dir and lib dir parameters in URLs until the issue is resolved.