CVE-2008-7073

Name of the Vulnerable Software and Affected Versions Pie Web Meshler RSS module version 0.1

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the lib parameter when register globals is enabled. This is due to a PHP remote file inclusion vulnerability in the lib/action/rss.php file of the RSS module.

Recommendations For RSS module version 0.1, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the lib/action/rss.php file to minimize the risk of arbitrary PHP code execution. Avoid using the lib parameter in the affected module until the issue is resolved.