CVE-2007-0189

** DISPUTED **

PHP remote file inclusion vulnerability in index.php in GeoBB Georgian Bulletin Board allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. NOTE: CVE disputes this issue, since GeoBB 1.0 sets $action to a whitelisted value.

Date published : 2007-01-10

http://www.securityfocus.com/archive/1/456251/100/0/threaded

http://osvdb.org/33440