CVE-2007-5165

Name of the Vulnerable Software and Affected Versions myIpacNG-stats (MINGS) version 0.05

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the MINGS BASE parameter. This is a remote file inclusion vulnerability in the init.php file. Note that this issue is disputed because MINGS BASE is defined before use.

Recommendations For myIpacNG-stats (MINGS) version 0.05, consider restricting access to the MINGS BASE parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the MINGS BASE parameter in the affected init.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.