Vulnerabilities > CVE-2007-0810 - Remote File Include vulnerability in Geeklog 2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

geeklog

exploit available

NVD

Published: 2007-02-07

Updated: 2017-10-19

Summary

PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_libraries] parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog.

Vulnerable Configurations

Part	Description	Count
Application	Geeklog Geeklog Geeklog 2	1

Exploit-Db

description	Geeklog 2 (BaseView.php) Remote File Inclusion Vulnerability. CVE-2007-0810. Webapps exploit for php platform
file	exploits/php/webapps/3267.txt
id	EDB-ID:3267
last seen	2016-01-31
modified	2007-02-05
platform	php
port
published	2007-02-05
reporter	GoLd_M
source	https://www.exploit-db.com/download/3267/
title	Geeklog 2 BaseView.php Remote File Inclusion Vulnerability
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References