{ "schema_version": "1.4.0", "id": "GHSA-5f5m-56ch-x6w9", "modified": "2022-05-01T18:07:34Z", "published": "2022-05-01T18:07:34Z", "aliases": [ "CVE-2007-2816" ], "details": "Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) test1.php, (2) blackorange.php, (3) default.php, (4) frames1.php, (5) frames1_top.php, (7) test2.php, (8) test3.php, (9) test4.php, (10) test5.php, (11) test6.php, (12) frames1_left.php, and (13) frames1_center.php in themes/.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2816" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34402" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/3962" }, { "type": "WEB", "url": "http://osvdb.org/36493" }, { "type": "WEB", "url": "http://osvdb.org/36494" }, { "type": "WEB", "url": "http://osvdb.org/36495" }, { "type": "WEB", "url": "http://osvdb.org/36496" }, { "type": "WEB", "url": "http://osvdb.org/36497" }, { "type": "WEB", "url": "http://osvdb.org/36498" }, { "type": "WEB", "url": "http://osvdb.org/36499" }, { "type": "WEB", "url": "http://osvdb.org/36500" }, { "type": "WEB", "url": "http://osvdb.org/36501" }, { "type": "WEB", "url": "http://osvdb.org/36502" }, { "type": "WEB", "url": "http://osvdb.org/36503" }, { "type": "WEB", "url": "http://osvdb.org/36504" }, { "type": "WEB", "url": "http://secunia.com/advisories/25356" }, { "type": "WEB", "url": "http://www.attrition.org/pipermail/vim/2007-May/001623.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/24083" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2007/1893" } ], "database_specific": { "cwe_ids": [ "CWE-94" ], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2007-05-22T21:30:00Z" } }