VYPR
Unrated severityNVD Advisory· Published Mar 13, 2007· Updated Jun 16, 2026

CVE-2007-1423

CVE-2007-1423

Description

Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:work_system_e-commerce:work_system_e-commerce:3.0.3:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:work_system_e-commerce:work_system_e-commerce:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:work_system_e-commerce:work_system_e-commerce:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:work_system_e-commerce:work_system_e-commerce:3.0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:work_system_e-commerce:work_system_e-commerce:3.0.5:*:*:*:*:*:*:*
    • (no CPE)range: <=3.0.5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.