Unrated severityNVD Advisory· Published Apr 30, 2007· Updated Jun 16, 2026
CVE-2007-2371
CVE-2007-2371
Description
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:gregory_kokanosky:phpmynewsletter:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gregory_kokanosky:phpmynewsletter:*:*:*:*:*:*:*:*range: <=0.8_beta_5
- (no CPE)range: <=0.8 beta5
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.