A vulnerability classified as critical has been found in Form tools 1.5.0b. Affected is an unknown function of the file admin_page_open.php. The manipulation of the argument g_root_dir leads to code injection.

This vulnerability is traded as CVE-2007-6464. It is possible to launch the attack remotely. Furthermore, there is an exploit available.