Unrated severityNVD Advisory· Published May 9, 2007· Updated Jun 16, 2026
CVE-2007-2572
CVE-2007-2572
Description
PHP remote file inclusion vulnerability in modules/noevents/templates/mfa_theme.php in NoAh (aka PHP Content Architect, phparch) 0.9 pre 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpls[1] parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:noah:noah:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:noah:noah:*:*:*:*:*:*:*:*range: <=0.9_pre_1.2
- (no CPE)range: <=0.9 pre 1.2
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.