CVE-2007-2493

FAQ & RULES <2.0.0 - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by bd0rk · phpwebappsphp
https://www.exploit-db.com/exploits/3833

References (5)

Scores

EPSS 0.0483
EPSS Percentile 89.5%

Details

Status published
Products (2)
mxbb/mxbb_faq < 2.0.0
mxbb/mxbb_rules < 2.0.0
Published May 04, 2007
Tracked Since Feb 18, 2026