CVE-2007-1975

Name of the Vulnerable Software and Affected Versions SLAED CMS 2

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to "admin/admin.php" or the modpath parameter to "index.php". This can be exploited by providing a malicious URL as the value for these parameters, potentially leading to the execution of unauthorized PHP code.

Recommendations For SLAED CMS 2, as a temporary workaround, consider restricting access to the "admin/admin.php" and "index.php" scripts until a patch is available. Avoid using the path and modpath parameters in these scripts until the issue is resolved.