VYPR
Unrated severityNVD Advisory· Published Feb 8, 2007· Updated Jun 16, 2026

CVE-2007-0854

CVE-2007-0854

Description

Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager (WHM) allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used to overwrite files in /var/cpanel/objcache or provide unexpected web page contents.

Affected products

2
  • cpe:2.3:a:cpanel:webhost_manager:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:cpanel:webhost_manager:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.