Unrated severityNVD Advisory· Published Feb 7, 2007· Updated Apr 23, 2026

CVE-2007-0804

Description

Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 RC1 and earlier allows remote attackers to inject arbitrary PHP code into arbitrary files via ".." sequences in the subpageName parameter, as demonstrated by injecting PHP code into a template file.

Affected products

Ggcms/Ggcms
cpe:2.3:a:ggcms:ggcms:1.1.0_rc1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/22412nvdExploitVendor Advisory
osvdb.org/35849nvd
www.vupen.com/english/advisories/2007/0492nvd
exchange.xforce.ibmcloud.com/vulnerabilities/32211nvd
www.exploit-db.com/exploits/3271nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000