VYPR
Unrated severityNVD Advisory· Published Oct 1, 2007· Updated Jun 16, 2026

CVE-2007-5168

CVE-2007-5168

Description

Multiple PHP remote file inclusion vulnerabilities in ClanLite 1.23.01.2005 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules/serveur_jeux.php or (2) conf/conf-php.php. NOTE: vector 1 is disputed by CVE because the require_once is only reached when a certain constant has already been defined.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Clanlite/Clanlite2 versions
    cpe:2.3:a:clanlite:clanlite:1.23.01.2005:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:clanlite:clanlite:1.23.01.2005:*:*:*:*:*:*:*
    • (no CPE)range: 1.23.01.2005

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.