QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-2185

Back to search

CVE-2007-2185

Published: Apr 24, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b allow remote attackers to execute arbitrary PHP code via a URL in the supa[db_path] parameter to (1) common_functions.php, (2) admin_auth_cookies.php, (3) admin_mods.php, (4) admin_news.php, (5) admin_topics.php, (6) admin_users.php, (7) admin_utilities.php, (8) site_comment.php, or (9) site_news.php; or the supa[include_path] parameter to (10) admin_settings.php or (11) backend_site.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

supasite-supa-file-include(33796)
vdb-entry
x_refsource_XF
38845
vdb-entry
x_refsource_OSVDB
38849
vdb-entry
x_refsource_OSVDB
38846
vdb-entry
x_refsource_OSVDB
38851
vdb-entry
x_refsource_OSVDB
38855
vdb-entry
x_refsource_OSVDB
38854
vdb-entry
x_refsource_OSVDB
38853
vdb-entry
x_refsource_OSVDB
23581
vdb-entry
x_refsource_BID
3771
exploit
x_refsource_EXPLOIT-DB
38847
vdb-entry
x_refsource_OSVDB
38848
vdb-entry
x_refsource_OSVDB
ADV-2007-1492
vdb-entry
x_refsource_VUPEN
38850
vdb-entry
x_refsource_OSVDB
38852
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now