Back to search
CVE-2007-2422
Published: May 2, 2007
Modified: Jan 17, 2025
PUBLISHED
Description
Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified scripts set the applicable variable to the empty string; reasonable modified copies would use a fixed pathname string
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
2659
third-party-advisory
x_refsource_SREASON
modbuilder-config-file-include(33917)
vdb-entry
x_refsource_XF
20070425 modbuild >> 4.1 Remote File Inclusion
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now