What is CVE-2007-5423?

CVE-2007-5423 is a vulnerability in N/a. Published 2007-10-12.

Is CVE-2007-5423 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-5423

tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to execute arbitrary code via PHP sequences in the f array parameter, which are processed by create_function.

EPSS: 0.888 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

GLSA-200710-21 (vendor-advisory, x_refsource_GENTOO)
ADV-2007-3492 (vdb-entry, x_refsource_VUPEN)
securityvulns.ru/Sdocument162.html (x_refsource_MISC)
20071010 Vulnerabilities digest (mailing-list, x_refsource_BUGTRAQ)
26006 (vdb-entry, x_refsource_BID)
27344 (x_refsource_SECUNIA, third-party-advisory)
bugs.gentoo.org/show_bug.cgi (x_refsource_MISC)
40478 (x_refsource_OSVDB, vdb-entry)
3216 (x_refsource_SREASON, third-party-advisory)
tikiwiki-tikigraphformula-command-execution(37076) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2007-5423?: CVE-2007-5423 is a vulnerability in N/a. Published 2007-10-12.
Is CVE-2007-5423 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.