CyberSec.Space Logo
Back to CVE Browser

CVE-2007-5390

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile31.38th
PublishedOct 12, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pagina parameter.

Affected Platforms (CPE)

πŸ“¦
Picoflat Cms

Picoflat Cms

<= 0.4.14

References & Advisories

πŸ”— http://osvdb.org/37686
πŸ”— http://secunia.com/advisories/27208
πŸ”— http://www.securityfocus.com/bid/26043
πŸ”— https://www.exploit-db.com/exploits/4520
πŸ”— http://osvdb.org/37686
πŸ”— http://secunia.com/advisories/27208
πŸ”— http://www.securityfocus.com/bid/26043
πŸ”— https://www.exploit-db.com/exploits/4520

Related Vulnerabilities

CVE-2008-660410.0

Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary loca...

CVE-2007-59206.8

index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors,...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...