McRefer CVE-2007-1073 Remote Security Vulnerability

McRefer CVE-2007-1073 Remote Security Vulnerability

McRefer is prone to a remote security vulnerability. Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.