CVE-2007-5631
published 2007-10-23CVE-2007-5631: Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary…
PriorityP347medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
39.42%
98.4th percentile
Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| peopleaggregator | peopleaggregator | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/45495http://osvdb.org/45496http://osvdb.org/45497http://osvdb.org/45498http://osvdb.org/45499http://osvdb.org/45500http://osvdb.org/45501http://www.myelin.co.nz/post/2007/11/12/#200711121http://www.securityfocus.com/archive/1/483571/100/0/threadedhttp://www.securityfocus.com/bid/26147https://exchange.xforce.ibmcloud.com/vulnerabilities/37349https://www.exploit-db.com/exploits/4551http://osvdb.org/45495http://osvdb.org/45496http://osvdb.org/45497http://osvdb.org/45498http://osvdb.org/45499http://osvdb.org/45500http://osvdb.org/45501http://www.myelin.co.nz/post/2007/11/12/#200711121http://www.securityfocus.com/archive/1/483571/100/0/threadedhttp://www.securityfocus.com/bid/26147https://exchange.xforce.ibmcloud.com/vulnerabilities/37349https://www.exploit-db.com/exploits/4551
2007-10-23
Published