Vulnerability Database

296,349

Total vulnerabilities in the database

CVE-2007-5166

Multiple PHP remote file inclusion vulnerabilities in SiteSys 1.0a allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) inc/pagehead.inc.php or (2) inc/pageinit.inc.php.

  • Published: Oct 1, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-5166
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
sitesys / sitesys 1.0a 1.0a.x