CVE-2007-1990

Name of the Vulnerable Software and Affected Versions MyBlog versions 1.0 through 1.6

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the id parameter in the games.php file. This is a different vector from other known issues.

Recommendations For MyBlog versions 1.0 through 1.6, consider restricting access to the games.php file and avoid using the id parameter in URLs until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.