CVE-2007-5163

Nexty 1.01.A Beta - Remote Code Execution via rel Parameter in layout.php

Title source: llm
STIX 2.1

Description

PHP remote file inclusion vulnerability in includes/functions/layout.php in Nexty 1.01.A Beta allows remote attackers to execute arbitrary PHP code via a URL in the rel parameter. NOTE: this issue is disputed by CVE because the applicable include is in a function that is not called on a direct request

References (1)

Core 1
Core References

Scores

EPSS 0.0121
EPSS Percentile 64.7%

Details

CWE
CWE-94
Status published
Products (1)
nexty/nexty 1.01._abeta
Published Oct 01, 2007
Tracked Since Feb 18, 2026