Unrated severityNVD Advisory· Published Jun 14, 2007· Updated Jun 16, 2026
CVE-2007-3228
CVE-2007-3228
Description
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and earlier might allow remote attackers to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access to the PhpDocumentor directory tree is blocked by .htaccess.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:simian_systems_inc:sitellite_cms:4.2.12:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:simian_systems_inc:sitellite_cms:4.2.12:*:*:*:*:*:*:*
- (no CPE)range: <= 4.2.12
Patches
Vulnerability mechanics
References
9- osvdb.org/36816nvd
- www.attrition.org/pipermail/vim/2007-June/001658.htmlnvd
- www.attrition.org/pipermail/vim/2007-June/001659.htmlnvd
- www.securityfocus.com/archive/1/471540/100/0/threadednvd
- www.securityfocus.com/archive/1/471721/100/0/threadednvd
- www.securityfocus.com/bid/24474nvd
- www.vupen.com/english/advisories/2007/2207nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34860nvd
- www.exploit-db.com/exploits/4071nvd
News mentions
0No linked articles in our index yet.