Vulnerabilities > CVE-2007-1626 - Remote File Include vulnerability in PHP-Nuke IFrame Module IFrame.PHP

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
php-nuke
critical
exploit available
NVD
Published: 2007-03-23
Updated: 2017-10-11

Summary

PHP remote file inclusion vulnerability in iframe.php in the iFrame Module for PHP-NUKE allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.

Vulnerable Configurations

Part Description Count
Application
Php-Nuke
1

Exploit-Db

descriptioniFrame for Phpnuke (iframe.php) Remote File Inclusion Vulnerability. CVE-2007-1626. Webapps exploit for php platform
fileexploits/php/webapps/3512.txt
idEDB-ID:3512
last seen2016-01-31
modified2007-03-18
platformphp
port
published2007-03-18
reporterCold Zero
sourcehttps://www.exploit-db.com/download/3512/
titleiFrame for Phpnuke iframe.php Remote File Inclusion Vulnerability
typewebapps

References