Vulnerabilities > CVE-2007-2189 - Remote File Include vulnerability in MX Smartor Full Album Pack 2.1Rc1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Mx Module Smartor Album FAP 2.0 RC 1 Remote File Inclusion Vuln. CVE-2007-2189. Webapps exploit for php platform |
| file | exploits/php/webapps/3766.txt |
| id | EDB-ID:3766 |
| last seen | 2016-01-31 |
| modified | 2007-04-19 |
| platform | php |
| port | |
| published | 2007-04-19 |
| reporter | bd0rk |
| source | https://www.exploit-db.com/download/3766/ |
| title | Mx Module Smartor Album FAP 2.0 RC 1 - Remote File Inclusion Vuln |
| type | webapps |