Mysql Server · Mysqlnewsengine · CVE-2007-0828
Name of the Vulnerable Software and Affected Versions:
MySQLNewsEngine (affected versions not specified)
Description:
A remote file inclusion issue in the affichearticles.php3 file of MySQLNewsEngine allows remote attackers to execute arbitrary PHP code. This is achieved by providing a URL in the `newsenginedir` parameter.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.