{ "schema_version": "1.4.0", "id": "GHSA-mmcf-56h8-qj8f", "modified": "2025-04-09T03:48:41Z", "published": "2022-05-01T18:39:35Z", "aliases": [ "CVE-2007-6105" ], "details": "Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_file parameter to (a) comments-display-tpl.php and (b) addons/separate-comments-mod/my-comments-display-tpl.php and the (2) config[comments_form_tpl] parameter to comments-display-tpl.php.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6105" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38596" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38597" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/4640" }, { "type": "WEB", "url": "http://osvdb.org/38815" }, { "type": "WEB", "url": "http://osvdb.org/38816" }, { "type": "WEB", "url": "http://secunia.com/advisories/27767" }, { "type": "WEB", "url": "http://www.scripts.oldguy.us/forums/index.php/topic%2C290.0.html" }, { "type": "WEB", "url": "http://www.scripts.oldguy.us/forums/index.php/topic,290.0.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/484045/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/485662/100/100/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/26520" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2007/3963" } ], "database_specific": { "cwe_ids": [ "CWE-94" ], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2007-11-23T20:46:00Z" } }