Unrated severityNVD Advisory· Published May 25, 2007· Updated Jun 16, 2026
CVE-2007-2866
CVE-2007-2866
Description
Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:phpecho_cms:phpecho_cms:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpecho_cms:phpecho_cms:*:*:*:*:*:*:*:*range: <=2.0_rc1
- (no CPE)range: <=2.0-rc1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.