Unrated severityNVD Advisory· Published Apr 22, 2007· Updated Apr 23, 2026

CVE-2007-2167

Description

Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.

Affected products

Aimstats/Aimstats
cpe:2.3:a:aimstats:aimstats:3.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/24955nvd
www.securityfocus.com/bid/23573nvd
www.vupen.com/english/advisories/2007/1447nvd
www.x-pose.org/aimstats.phpnvd
exchange.xforce.ibmcloud.com/vulnerabilities/33742nvd
www.exploit-db.com/exploits/3762nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000