PT-2007-6239 · Unknown · Der Dirigent

Arfis · Published 2007-10-01 · Updated 2008-11-15 · CVE-2007-5146

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Der Dirigent version 1.0
Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the dedi_path parameter to various PHP files, including (1) inc.generate_code.php, (2) fnc.type_forms.php, or (3) fnc.type.php in backend/inc/, or via the this_dir parameter to backend/inc/class.filemanager.php. Note that some vectors are disputed due to PHP encountering a fatal function-call error on a direct request for the file.
Recommendations: For Der Dirigent version 1.0, consider disabling the inc.generate_code.php, fnc.type_forms.php, fnc.type.php, and class.filemanager.php files until a patch is available. Restrict access to the frontend.php and backend.php files in projekt01/cms/inc/ to minimize the risk of exploitation. Avoid using the dedi_path and this_dir parameters in the affected API endpoints until the issue is resolved.
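The flaw described above is a classic PHP file-inclusion pattern: a request parameter is used as the base path of an include. The following is an added illustration, not Der Dirigent's own code; the include target, the `component` parameter and the `ALLOWED_INCLUDES` map are assumed. It shows the vulnerable shape beside a hardened version that uses a fixed base directory, an allowlist and a canonical-path check.

```php
<?php
// Added illustration (not the project's code): the include pattern behind
// CVE-2007-5146 and a hardened alternative. Names below are assumed.

// VULNERABLE: a request-controlled base path flows straight into include().
// With allow_url_include=On a URL value pulls in remote PHP; with it off the
// same line still permits local file inclusion through "../" traversal.
function load_vulnerable(array $get): void
{
    $dedi_path = $get['dedi_path'];
    include $dedi_path . 'inc/class.filemanager.php';
}

// HARDENED: never derive an include path from request data. Map a short
// component name to a fixed file, resolve it under a fixed base directory,
// and verify the canonical path is still inside that base before including.
const DEDI_BASE = __DIR__ . '/backend/';
const ALLOWED_INCLUDES = [            // assumed allowlist of includable files
    'filemanager' => 'inc/class.filemanager.php',
    'typeforms'   => 'inc/fnc.type_forms.php',
];

function resolve_include(string $component): ?string
{
    if (!array_key_exists($component, ALLOWED_INCLUDES)) {
        return null;                   // not in the allowlist
    }
    $base = realpath(DEDI_BASE);
    $path = realpath(DEDI_BASE . ALLOWED_INCLUDES[$component]);
    if ($base === false || $path === false) {
        return null;                   // base or target file does not exist
    }
    // realpath() collapses "../" and symlinks; require the base as a prefix.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;                   // escaped the base directory
    }
    return $path;
}

function load_hardened(array $get): bool
{
    $path = resolve_include((string) ($get['component'] ?? ''));
    if ($path === null) {
        http_response_code(400);
        return false;                  // reject rather than include
    }
    include $path;
    return true;
}
```

As defence in depth, keep allow_url_include=Off in php.ini (the default since PHP 5.2) so that even a regression to the vulnerable pattern cannot fetch code over the network.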

Fix

Code Injection


Weakness Enumeration

Related identifiers

CVE-2007-5146

Affected products

Der Dirigent