Unrated severityNVD Advisory· Published May 14, 2007· Updated Apr 23, 2026

CVE-2007-2670

Description

PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.

Affected products

Globalmegacorp/Phpchain
cpe:2.3:a:globalmegacorp:phpchain:*:*:*:*:*:*:*:*
Range: <=1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/35538nvd
pridels0.blogspot.com/2007/05/phpchain-vuln.htmlnvd
secunia.com/advisories/25128nvd
www.securityfocus.com/bid/23761nvd
www.vupen.com/english/advisories/2007/1647nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34019nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000