CVE-2007-2545
Last modified
CVE-2007-2545 is a vulnerability of currently unknown severity. Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the system[path] parameter to (1) blocks/headerfile.php, (2) files/blocks/latest_files.php, (3) filters/headerfile.php, (4) forums/blocks/latest_posts.php, (5) groups/headerfile.php, (6) links/blocks/links.php, (7) menu/headerfile.php, (8) news/blocks/latest_news.php, (9) settings/headerfile.php, or (10) users/headerfile.php, in modules/.. EPSS estimates a 68.75% chance of exploitation in the next 30 days.
Description
Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the system[path] parameter to (1) blocks/headerfile.php, (2) files/blocks/latest_files.php, (3) filters/headerfile.php, (4) forums/blocks/latest_posts.php, (5) groups/headerfile.php, (6) links/blocks/links.php, (7) menu/headerfile.php, (8) news/blocks/latest_news.php, (9) settings/headerfile.php, or (10) users/headerfile.php, in modules/.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Persism Cms | Persism Cms | <= 0.9.2 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-2545?
How severe is CVE-2007-2545?
How do I fix CVE-2007-2545?
Are you affected by CVE-2007-2545?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST