CVE-2007-5139

Name of the Vulnerable Software and Affected Versions chupix version 0.2.3

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter when register globals is enabled. This is a result of a remote file inclusion vulnerability in the admin/include/header.php file.

Recommendations For chupix version 0.2.3, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the admin/include/header.php file to minimize the risk of arbitrary PHP code execution. Avoid using the repertoire parameter in URLs for the affected file until the issue is resolved.