Unrated severityNVD Advisory· Published Apr 24, 2007· Updated Apr 23, 2026

CVE-2007-2205

Description

PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643.

Affected products

Lan Management System/Lan Management System2 versions
cpe:2.3:a:lan_management_system:lan_management_system:1.5.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:lan_management_system:lan_management_system:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:lan_management_system:lan_management_system:1.5.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/23611nvdPatch
osvdb.org/35480nvd
securityreason.com/securityalert/2630nvd
www.attrition.org/pipermail/vim/2007-April/001560.htmlnvd
www.securityfocus.com/archive/1/466664/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/33819nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000