VYPR
Unrated severityNVD Advisory· Published May 30, 2007· Updated Jun 16, 2026

CVE-2007-2899

CVE-2007-2899

Description

Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote attackers to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Navboard/Navboard2 versions
    cpe:2.3:a:navboard:navboard:16:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:navboard:navboard:16:*:*:*:*:*:*:*
    • (no CPE)range: =2.6.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.