VYPR
Unrated severityNVD Advisory· Published Oct 9, 2007· Updated Jun 16, 2026

CVE-2007-5305

CVE-2007-5305

Description

Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) enregistrement.php, (e) commentaire.php, and (f) coeurusr.php in utilisateurs/, and (g) articles/fonctions.php and (h) depot/fonctions.php in moduleajouter/; the (3) corpsdesign parameter to (i) articles/usrarticles.php and (j) depot/usrdepot.php in moduleajouter/; and possibly other files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.