CVE-2007-5096
guanxiCRM Business Solution 0.9.1 - Remote Code Execution via webmail2_inc_dir Parameter
Title source: llmDescription
PHP remote file inclusion vulnerability in modules/webmail2/inc/rfc822.php in guanxiCRM Business Solution 0.9.1 allows remote attackers to execute arbitrary PHP code via a URL in the webmail2_inc_dir parameter.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://arfis.wordpress.com/2007/09/14/rfi-02-guanxicrm-business-solution/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38575
Scores
EPSS
0.0130
EPSS Percentile
67.0%
Details
CWE
CWE-94
Status
published
Products (1)
guanxicrm/guanxicrm_business_solution
0.9.1
Published
Sep 26, 2007
Tracked Since
Feb 18, 2026