Unrated severityNVD Advisory· Published Sep 20, 2007· Updated Jun 16, 2026
CVE-2007-5009
CVE-2007-5009
Description
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:phpbb2:phpbb2_plus:1.53:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpbb2:phpbb2_plus:1.53:*:*:*:*:*:*:*
- cpe:2.3:a:phpbb2:phpbb2_plus:1.53a:*:*:*:*:*:*:*
- Range: <=1.53a before 20070922
Patches
Vulnerability mechanics
References
8- marc.infonvdExploit
- www.securityfocus.com/bid/25737nvdExploit
- secunia.com/advisories/26888nvdVendor Advisory
- www.vupen.com/english/advisories/2007/3247nvdVendor Advisory
- osvdb.org/38265nvd
- www.phpbb2.de/ftopic45218.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/36697nvd
- www.exploit-db.com/exploits/4434nvd
News mentions
0No linked articles in our index yet.