Unrated severityNVD Advisory· Published May 31, 2007· Updated Apr 23, 2026

CVE-2007-2941

Description

Multiple PHP remote file inclusion vulnerabilities in the creator in vBulletin Google Yahoo Site Map (vBGSiteMap) 2.41 for vBulletin allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) vbgsitemap/vbgsitemap-config.php or (2) vbgsitemap/vbgsitemap-vbseo.php.

Affected products

Michael Brandon/Vbgsitemap
cpe:2.3:a:michael_brandon:vbgsitemap:2.41:*:vbulletin:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/38084nvd
osvdb.org/38085nvd
www.securityfocus.com/bid/24169nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34531nvd
www.exploit-db.com/exploits/3990nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000