Unrated severityNVD Advisory· Published Apr 9, 2007· Updated Apr 23, 2026

CVE-2007-1895

Description

PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a my_ms[root] cookie, a different vector than CVE-2007-0491 and CVE-2006-4630.

Affected products

Sky Gunning/Myspeach
cpe:2.3:a:sky_gunning:myspeach:*:*:*:*:*:*:*:*
Range: <=3.0.7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/34145nvd
secunia.com/advisories/24760nvd
www.vupen.com/english/advisories/2007/1261nvd
www.exploit-db.com/exploits/3657nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000