Unrated severityNVD Advisory· Published Oct 3, 2007· Updated Jun 16, 2026
CVE-2007-5186
CVE-2007-5186
Description
PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter, a different vector than CVE-2006-5497. NOTE: this issue was disputed, but the dispute was retracted after additional analysis.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
8- secunia.com/advisories/27025nvdVendor Advisory
- www.vupen.com/english/advisories/2007/3342nvdVendor Advisory
- sourceforge.net/project/shownotes.phpnvd
- www.attrition.org/pipermail/vim/2007-October/001811.htmlnvd
- www.attrition.org/pipermail/vim/2007-October/001816.htmlnvd
- www.securityfocus.com/bid/25889nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/36903nvd
- www.exploit-db.com/exploits/4476nvd
News mentions
0No linked articles in our index yet.