CVE-2007-1525

Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote attackers to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php.

Date published : 2007-03-20

http://www.securityfocus.com/bid/22972

https://www.exploit-db.com/exploits/3478