CVE-2007-1013

Name of the Vulnerable Software and Affected Versions: VirtualSystem Htaccess Passwort Generator version 1.1

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the ht pfad parameter in the generate.php file. This is a result of a PHP remote file inclusion vulnerability.

Recommendations: For VirtualSystem Htaccess Passwort Generator version 1.1, consider restricting access to the generate.php file or the ht pfad parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the ht pfad parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.