Vulnerability in N/a
CVE-2007-5186
PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter, a different vector than CVE…
EPSS: 0.576 (98.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 4476 (exploit, x_refsource_EXPLOIT-DB)
- sourceforge.net/project/shownotes.php (x_refsource_CONFIRM)
- 20071001 Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability (mailing-list, x_refsource_VIM)
- segue-index-file-include(36903) (vdb-entry, x_refsource_XF)
- 20071001 Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability (mailing-list, x_refsource_VIM)
- ADV-2007-3342 (vdb-entry, x_refsource_VUPEN)
- 27025 (x_refsource_SECUNIA, third-party-advisory)
- 25889 (vdb-entry, x_refsource_BID)