Unrated severityNVD Advisory· Published May 21, 2007· Updated Jun 16, 2026
CVE-2007-2774
CVE-2007-2774
Description
Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) _connect.php or (2) modules/startup.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:sunlight-cms:sunlight_cms:5.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sunlight-cms:sunlight_cms:5.3:*:*:*:*:*:*:*
- (no CPE)range: =5.3
Patches
Vulnerability mechanics
References
7- www.exploit-db.com/exploits/3953nvdExploitVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/34393nvdThird Party Advisory
- osvdb.org/36227nvdBroken Link
- osvdb.org/36228nvdBroken Link
- secunia.com/advisories/25366nvdNot Applicable
- www.securityfocus.com/bid/24062nvdBroken Link
- www.vupen.com/english/advisories/2007/1885nvdNot Applicable
News mentions
0No linked articles in our index yet.