VYPR
Unrated severityNVD Advisory· Published Apr 12, 2007· Updated Jun 16, 2026

CVE-2007-2001

CVE-2007-2001

Description

Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" (background color) field and other unspecified fields, which injects into config.inc.php3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:crea-book:crea-book:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:crea-book:crea-book:*:*:*:*:*:*:*:*range: <=1.0
    • (no CPE)range: <=1.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.