CVE-2007-2594

Name of the Vulnerable Software and Affected Versions phpMyPortal version 3.0.0 RC3

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[CHEMINMODULES] parameter in the inc/articles.inc.php file.

Recommendations For phpMyPortal version 3.0.0 RC3, consider restricting access to the inc/articles.inc.php file to minimize the risk of exploitation. Avoid using the GLOBALS[CHEMINMODULES] parameter in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.