PT-2007-5364 · Php · Vgallite

Published

2007-08-07

Updated

2024-08-07

CVE-2007-4169

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions vgallite (affected versions not specified)

Description Multiple PHP remote file inclusion issues in vgallite may allow remote attackers to execute arbitrary PHP code. The issue is reportedly related to the dirpath parameter to functions.php and the lang parameter to index.php. However, the validity of these vectors is disputed due to the nature of the include once statements and the variables involved.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2007-4169

Affected Products

Vgallite

PT-2007-5364 · Php · Vgallite

CVE-2007-4169

Weakness Enumeration

Related Identifiers

Affected Products

References · 6