CVE-2007-5102

Name of the Vulnerable Software and Affected Versions Wordsmith version 1.0 RC1

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the path parameter when register globals is enabled.

Recommendations For Wordsmith version 1.0 RC1, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the config.inc.php file to minimize the risk of arbitrary PHP code execution. Avoid using the path parameter in URLs until the issue is resolved.