CVE-2007-4947
myphpPagetool 0.4.3 - Remote Code Execution via ptinclude Parameter
Title source: llmDescription
Multiple PHP remote file inclusion vulnerabilities in myphpPagetool 0.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the ptinclude parameter to (1) help1.php, (2) help2.php, (3) help3.php, (4) help4.php, (5) help5.php, (6) help6.php, (7) help7.php, (7) help8.php, (8) help9.php, or (10) index.php in doc/admin/.
References (11)
Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43152
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43155
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43150
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43158
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43157
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43151
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43154
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43153
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43156
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43159
Exploit x_refsource_misc
http://arfis.wordpress.com/2007/09/14/rfi-03-myphppagetool/
Scores
EPSS
0.0358
EPSS Percentile
88.0%
Details
CWE
CWE-94
Status
published
Products (1)
myphppagetool/myphppagetool
0.4.3
Published
Sep 18, 2007
Tracked Since
Feb 18, 2026