CVE-2007-5096

guanxiCRM Business Solution 0.9.1 - Remote Code Execution via webmail2_inc_dir Parameter

Title source: llm
STIX 2.1

Description

PHP remote file inclusion vulnerability in modules/webmail2/inc/rfc822.php in guanxiCRM Business Solution 0.9.1 allows remote attackers to execute arbitrary PHP code via a URL in the webmail2_inc_dir parameter.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38575

Scores

EPSS 0.0130
EPSS Percentile 67.0%

Details

CWE
CWE-94
Status published
Products (1)
guanxicrm/guanxicrm_business_solution 0.9.1
Published Sep 26, 2007
Tracked Since Feb 18, 2026