CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2493

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile8.43th
PublishedMay 4, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

Affected Platforms (CPE)

πŸ“¦
Mxbb

Mxbb Faq

<= 2.0.0
πŸ“¦
Mxbb

Mxbb Rules

<= 2.0.0

References & Advisories

πŸ”— http://osvdb.org/37613
πŸ”— http://www.securityfocus.com/bid/23758
πŸ”— http://www.vupen.com/english/advisories/2007/1631
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/34008
πŸ”— https://www.exploit-db.com/exploits/3833
πŸ”— http://osvdb.org/37613
πŸ”— http://www.securityfocus.com/bid/23758
πŸ”— http://www.vupen.com/english/advisories/2007/1631

Related Vulnerabilities

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...

CVE-2007-011710.0

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) fil...

CVE-2007-005710.0

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a sh...

CVE-2007-030310.0

Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have unknown impact and attack vectors related to "Potential secur...