CVE-2007-6082

Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php.

Date published : 2007-11-21

http://www.securityfocus.com/bid/26481

http://www.securityfocus.com/archive/1/483867/100/0/threaded