CVE-2007-6485

Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote attackers to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/.

Date published : 2007-12-20

http://www.securityfocus.com/bid/26883

http://www.securityfocus.com/archive/1/485152/100/0/threaded