Vulnerabilities > CVE-2007-3194 - Unspecified vulnerability in Mywebland Mybloggie 2.1.5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mywebland

NVD

Published: 2007-06-12

Updated: 2024-04-11

Summary

Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggie_root_path parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classes.php in includes/; (6) viewmode.php; and (7) blog_body.php. NOTE: another researcher disputes the vulnerability because the files are protected against direct requests, contain no relevant include statements, or do not exist

Vulnerable Configurations

Part	Description	Count
Application	Mywebland Mywebland Mybloggie 2.1.5	1

References

http://archives.neohapsis.com/archives/bugtraq/2007-06/0125.html
http://securityreason.com/securityalert/2794
http://osvdb.org/37685
http://www.securityfocus.com/archive/1/470972/100/0/threaded