MidnightBSD

Advisories for carlos_eduardo_sotelo_pinto

CVE-2010-1737 MEDIUM

PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[gfwroot] parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
carlos_eduardo_sotelo_pinto 0.1.0 *