CVE-2007-4329

Name of the Vulnerable Software and Affected Versions Web News version 1.1

Description The issue allows remote attackers to execute arbitrary PHP code. This can be achieved by providing a URL in the config[root ordner] parameter to specific API endpoints, such as "index.php", "news.php", or "feed.php".

Recommendations For Web News version 1.1, consider disabling the config[root ordler] parameter in the affected API endpoints "index.php", "news.php", and "feed.php" until a patch is available. Restrict access to these endpoints to minimize the risk of exploitation. Avoid using the config[root ordner] parameter in these endpoints until the issue is resolved.