CyberSec.Space Logo
Back to CVE Browser

CVE-2007-3325

HIGH
7.5
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile18.07th
PublishedJun 21, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and CVE-2007-2205.

Affected Platforms (CPE)

πŸ“¦
Lms

Lan Management System

<= 1.6.9

References & Advisories

πŸ”— http://osvdb.org/36194
πŸ”— http://www.securityfocus.com/bid/24578
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
πŸ”— https://www.exploit-db.com/exploits/4086
πŸ”— http://osvdb.org/36194
πŸ”— http://www.securityfocus.com/bid/24578
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
πŸ”— https://www.exploit-db.com/exploits/4086

Related Vulnerabilities

CVE-2007-164310.0

Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and earlier allow remote attackers to...

CVE-2018-68547.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2019-152627.5

A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unaut...

CVE-2007-22057.5

PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allo...