QwikSec

Security Database

CVE

CWE

Training

CVE-2007-5440

Published: Oct 14, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in CRS Manager allow remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter to (1) index.php or (2) login.php. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

20071010 Vulnerabilities digest

mailing-list

x_refsource_BUGTRAQ

http://securityvulns.com/source26994.html

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

vdb-entry

x_refsource_BID

http://securityvulns.com/Rdocument959.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.