CVE-2007-6614

Name of the Vulnerable Software and Affected Versions phpAutoVideo version 2.21

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter. This is related to the ability to include remote files in the admin/frontpage right.php file.

Recommendations For phpAutoVideo version 2.21, consider restricting access to the loadadminpage parameter to minimize the risk of exploitation. As a temporary workaround, restrict the use of the admin/frontpage right.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.