CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2205

HIGH
7.5
CVSS Severity Score
EPSS Score0.1700%
EPSS Percentile31.56th
PublishedApr 24, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643.

Affected Platforms (CPE)

πŸ“¦
Lan Management System

Lan Management System

= 1.5.3
πŸ“¦
Lan Management System

Lan Management System

= 1.5.4

References & Advisories

πŸ”— http://osvdb.org/35480
πŸ”— http://securityreason.com/securityalert/2630
πŸ”— http://www.attrition.org/pipermail/vim/2007-April/001560.html
πŸ”— http://www.securityfocus.com/archive/1/466664/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/23611
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/33819
πŸ”— http://osvdb.org/35480
πŸ”— http://securityreason.com/securityalert/2630

Related Vulnerabilities

CVE-2007-164310.0

Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and earlier allow remote attackers to...

CVE-2018-68547.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2019-152627.5

A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unaut...

CVE-2007-33257.5

PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attacke...