Unrated severityNVD Advisory· Published May 14, 2007· Updated Jun 16, 2026
CVE-2007-2660
CVE-2007-2660
Description
PHP remote file inclusion vulnerability in pcltrace.lib.php in the PclTar module in Vincent Blavet PhpConcept Library, as used in CJG EXPLORER PRO 3.3 and earlier and probably other products, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter. NOTE: CVE disputes this issue since there is no include statement in pcltrace.lib.php. NOTE: the pcltar.lib.php vector is already covered by CVE-2007-2199
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:cjg_explorer_pro:cjg_explorer_pro:*:*:*:*:*:*:*:*Range: <=3.3
- cpe:2.3:a:vincent_blavet:phpconcept_library:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.