CVE-2007-1147
PHP remote file inclusion vulnerability in view.php in hbm allows remote attackers to execute arbitrary PHP code via a URL in the hbmpath parameter.
Date published : 2007-02-27
http://www.securityfocus.com/archive/1/460933/100/0/threaded