{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5641", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the full_path parameter to (1) certinfo/index.php, (2) emails/index.php, (3) events/index.php, (4) fax/index.php, (5) files/index.php, (6) files/list.php, (7) groupadm/index.php, (8) history/index.php, (9) info/index.php, (10) log/index.php, (11) mail/index.php, (12) messages/index.php, (13) organizations/index.php, (14) phones/index.php, (15) presence/index.php, (16) projects/index.php, (17) projects/summary.inc.php, (18) projects/list.php, (19) reports/index.php, (20) search/index.php, (21) snf/index.php, (22) syslog/index.php, (23) tasks/searchsimilar.php, (24) tasks/index.php, (25) tasks/summary.inc.php, and (26) useradm/index.php in modules; (27) /ajax/loadsplash.php; (28) /blocks/birthday.php; (29) /blocks/events.php; and (30) /blocks/help.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "41914", "refsource": "OSVDB", "url": "http://osvdb.org/41914" }, { "name": "41907", "refsource": "OSVDB", "url": "http://osvdb.org/41907" }, { "name": "4549", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4549" }, { "name": "41917", "refsource": "OSVDB", "url": "http://osvdb.org/41917" }, { "name": "41910", "refsource": "OSVDB", "url": "http://osvdb.org/41910" }, { "name": "41906", "refsource": "OSVDB", "url": "http://osvdb.org/41906" }, { "name": "41957", "refsource": "OSVDB", "url": "http://osvdb.org/41957" }, { "name": "41905", "refsource": "OSVDB", "url": "http://osvdb.org/41905" }, { "name": "41920", "refsource": "OSVDB", "url": "http://osvdb.org/41920" }, { "name": "41975", "refsource": "OSVDB", "url": "http://osvdb.org/41975" }, { "name": "41908", "refsource": "OSVDB", "url": "http://osvdb.org/41908" }, { "name": "41931", "refsource": "OSVDB", "url": "http://osvdb.org/41931" }, { "name": "41918", "refsource": "OSVDB", "url": "http://osvdb.org/41918" }, { "name": "41925", "refsource": "OSVDB", "url": "http://osvdb.org/41925" }, { "name": "phpprojectmanagement-fullpath-file-include(37347)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37347" }, { "name": "41934", "refsource": "OSVDB", "url": "http://osvdb.org/41934" }, { "name": "41927", "refsource": "OSVDB", "url": "http://osvdb.org/41927" }, { "name": "26150", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26150" }, { "name": "41909", "refsource": "OSVDB", "url": "http://osvdb.org/41909" }, { "name": "41928", "refsource": "OSVDB", "url": "http://osvdb.org/41928" }, { "name": "41912", "refsource": "OSVDB", "url": "http://osvdb.org/41912" }, { "name": "27347", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27347" }, { "name": "41913", "refsource": "OSVDB", "url": "http://osvdb.org/41913" } ] } }