PT-2007-2208 · Php · Phpprobid

Published: 2007-02-06 · Updated: 2017-07-29 · CVE-2007-0758

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

PHPProbid version 5.24

Description

A remote file inclusion issue exists in the lang.php file of PHPProbid, allowing remote attackers to execute arbitrary PHP code. This is achieved by providing a URL in the SRC attribute of an HTML element within the lang parameter.

Recommendations

For PHPProbid version 5.24, consider restricting access to the lang.php file to prevent remote file inclusion attacks. As a temporary workaround, avoid using the lang parameter in URLs until a patch is available.

Related Identifiers

CVE-2007-0758

Affected Products

Phpprobid