PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CssFile parameter.
CVSS Score
10.0
EPSS Score
0.352
Published
2007-03-27
download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source code, and obtain sensitive information via the file parameter.
CVSS Score
5.0
EPSS Score
0.032
Published
2007-03-27