CVE-2007-2091

Tsdisplay4xoops - Code Injection

Title source: rule

Description

PHP remote file inclusion vulnerability in blocks/tsdisplay4xoops_block2.php in tsdisplay4xoops (TSD4XOOPS, aka the TeamSpeak display module) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the xoops_url parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by GoLd_M · textwebappsphp
https://www.exploit-db.com/exploits/3750

References (5)

Scores

EPSS 0.0854
EPSS Percentile 92.2%

Classification

CWE
CWE-94
Status draft

Affected Products (1)

tsdisplay4xoops/tsdisplay4xoops

Timeline

Published Apr 18, 2007
Tracked Since Feb 18, 2026