Remote File Inclusion Vulnerabilities in CARE2X 2G 2.2 by CARE2
CVE-2007-5418

Currently unrated

Key Information:

Vendor: Care2x
Status: 2g
Vendor: CVE Published:; 12 October 2007

What is CVE-2007-5418?

CARE2X 2G 2.2 contains multiple PHP remote file inclusion vulnerabilities that enable remote attackers to execute arbitrary PHP code. By manipulating the root_path parameter in various scripts, including en_copyrite.php, vi_copyrite.php, and others across the language and include directories, attackers can exploit these weaknesses and potentially compromise the server's security. This vulnerability emphasizes the importance of securing web applications against improper input handling and ensuring robust validation measures are in place.

References

http://osvdb.org/43640

vdb-entryx_refsource_OSVDB

http://osvdb.org/43641

vdb-entryx_refsource_OSVDB

http://osvdb.org/43642

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 12, 2007
Vulnerability Reserved
Oct 12, 2007

CVE-2007-5418 Data

JSON

Care2x

What is CVE-2007-5418?

References

Timeline