Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggie_root_path parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classes.php in includes/; (6) viewmode.php; and (7) blog_body.php. NOTE: another researcher disputes the vulnerability because the files are protected against direct requests, contain no relevant include statements, or do not exist
References
Configurations
History
07 Nov 2023, 02:00
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggie_root_path parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classes.php in includes/; (6) viewmode.php; and (7) blog_body.php. NOTE: another researcher disputes the vulnerability because the files are protected against direct requests, contain no relevant include statements, or do not exist |
Information
Published : 2007-06-12 23:30
Updated : 2024-08-07 14:15
NVD link : CVE-2007-3194
Mitre link : CVE-2007-3194
CVE.ORG link : CVE-2007-3194
JSON object : View
Products Affected
mywebland
- mybloggie
CWE