CVE-2008-6287

Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.

Date published : 2009-02-25

http://www.securityfocus.com/bid/32554

https://www.exploit-db.com/exploits/7310