CVE-2007-4007

Article Directory - Remote File Inclusion via Page Parameter

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4007. PoCs published by mozi.

AI-analyzed exploit summary This entry appears to be a writeup or advisory for CVE-2007-4007, containing dorks for finding vulnerable sites and references to an original post. No actual exploit code is present.

Description

PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by mozi · textwebappsphp

https://www.exploit-db.com/exploits/4221

View Code ZIP pw:eip

This entry appears to be a writeup or advisory for CVE-2007-4007, containing dorks for finding vulnerable sites and references to an original post. No actual exploit code is present.

Classification

Writeup 80%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown (likely a PHP-based CMS or similar)

No auth needed

Prerequisites: none

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit x_refsource_misc

http://darkcode.ath.cx/f0rum/ind3x.php?action=vthread&forum=12&topic=114

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/25042

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/35632

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/39107

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/4221

Scores

EPSS 0.0349

EPSS Percentile 87.6%

Details

Status published

Products (1)

article_directory/article_directory

Published Jul 26, 2007

Tracked Since Feb 18, 2026