CVE-2007-5186
published 2007-10-03CVE-2007-5186: PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute…
PriorityP347medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
46.82%
98.7th percentile
PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter, a different vector than CVE-2006-5497. NOTE: this issue was disputed, but the dispute was retracted after additional analysis.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| segue_cms | segue_cms | <= 1.8.4 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to index.php containing a URL-like value in the 'themesdir' parameter, which is the injection point for remote file inclusion in Segue CMS 1.8.4 and earlier. ↗
- →This RFI vector is distinct from CVE-2006-5497 — ensure detection rules cover the themesdir parameter specifically, not just previously known Segue CMS RFI vectors. ↗
- →The vulnerability is only exploitable when register_globals is disabled on the PHP server — detection should not be limited to environments with register_globals enabled. ↗
- ·The RFI vulnerability in Segue CMS 1.8.4 index.php is exploitable specifically when register_globals is DISABLED — this is an atypical condition for RFI (usually register_globals being enabled is the risk factor), so standard RFI mitigations assuming register_globals=on may not apply here. ↗
- ·This issue was initially disputed but the dispute was retracted after additional analysis — treat it as a confirmed, valid vulnerability. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/27025http://sourceforge.net/project/shownotes.php?group_id=82171&release_id=543854http://www.attrition.org/pipermail/vim/2007-October/001811.htmlhttp://www.attrition.org/pipermail/vim/2007-October/001816.htmlhttp://www.securityfocus.com/bid/25889http://www.vupen.com/english/advisories/2007/3342https://exchange.xforce.ibmcloud.com/vulnerabilities/36903https://www.exploit-db.com/exploits/4476http://secunia.com/advisories/27025http://sourceforge.net/project/shownotes.php?group_id=82171&release_id=543854http://www.attrition.org/pipermail/vim/2007-October/001811.htmlhttp://www.attrition.org/pipermail/vim/2007-October/001816.htmlhttp://www.securityfocus.com/bid/25889http://www.vupen.com/english/advisories/2007/3342https://exchange.xforce.ibmcloud.com/vulnerabilities/36903https://www.exploit-db.com/exploits/4476
2007-10-03
Published