CVE-2007-1843

Name of the Vulnerable Software and Affected Versions: MapLab version 2.2.1

Description: The issue allows remote attackers to execute arbitrary PHP code when the register globals setting is enabled. This is achieved by providing a URL in the gszAppPath parameter.

Recommendations: For MapLab version 2.2.1, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the gmapfactory/params.php file to minimize the risk of arbitrary PHP code execution. Avoid using the gszAppPath parameter in the affected API endpoint until the issue is resolved.