CVE-2007-2346

Name of the Vulnerable Software and Affected Versions PHP-Generics version 1.0 beta

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the APP RELATIVE PATH parameter to specific API endpoints: "include.php", "dbcommon/include.php", and "exception/include.php".

Recommendations For PHP-Generics version 1.0 beta, consider restricting access to the APP RELATIVE PATH parameter in the affected API endpoints until a patch is available. As a temporary workaround, avoid using the APP RELATIVE PATH parameter in the "include.php", "dbcommon/include.php", and "exception/include.php" endpoints to minimize the risk of exploitation.