CVE-2007-5160

Restaurant Management System 0.5 - Remote File Inclusion via DIR_ROOT or DIR_PAGE Parameter

Title source: llm
STIX 2.1

Description

Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b) template/fr/page.php or (c) page/fr/boxConnection.php.

References (1)

Core 1
Core References

Scores

EPSS 0.0121
EPSS Percentile 64.7%

Details

CWE
CWE-94
Status published
Products (1)
restaurant_management_system/restaurant_management_system 0.5
Published Oct 01, 2007
Tracked Since Feb 18, 2026