CVE-2007-1141
Magic News Plus 1.0.2 - RCE
Title source: llmDescription
PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by HACKERS PAL · phpwebappsphp
https://www.exploit-db.com/exploits/29627
Scores
EPSS
0.0205
EPSS Percentile
83.6%
Classification
CWE
CWE-94
Status
draft
Affected Products (1)
reamday_enterprises/magic_news_plus
Timeline
Published
Mar 02, 2007
Tracked Since
Feb 18, 2026