What is the severity of CVE-2007-5178?

CVE-2007-5178 is considered critical due to its potential for remote file inclusion and execution of arbitrary PHP code.

How do I fix CVE-2007-5178?

To fix CVE-2007-5178, ensure that you update the mx_glance module to a version that addresses this vulnerability.

What software is affected by CVE-2007-5178?

CVE-2007-5178 specifically affects mxBB version 2.3.3 with the mx_glance module.

Can CVE-2007-5178 be exploited remotely?

Yes, CVE-2007-5178 can be exploited remotely, allowing attackers to execute malicious code via crafted URLs.

What are the consequences of exploiting CVE-2007-5178?

Exploiting CVE-2007-5178 can lead to unauthorized access to the server and potential full compromise of the web application.

Vulnerability/
CVE-2007-5178

medium

6.8

CWE

3/10/2007

7/8/2024

CVE-2007-5178: Code Injection

First published: Wed Oct 03 2007(Updated: )

contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. NOTE: some sources incorrectly state that phpbb_root_path is the affected parameter.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mx Glance	=2.3.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-5178?
CVE-2007-5178 is considered critical due to its potential for remote file inclusion and execution of arbitrary PHP code.
How do I fix CVE-2007-5178?
To fix CVE-2007-5178, ensure that you update the mx_glance module to a version that addresses this vulnerability.
What software is affected by CVE-2007-5178?
CVE-2007-5178 specifically affects mxBB version 2.3.3 with the mx_glance module.
Can CVE-2007-5178 be exploited remotely?
Yes, CVE-2007-5178 can be exploited remotely, allowing attackers to execute malicious code via crafted URLs.
What are the consequences of exploiting CVE-2007-5178?
Exploiting CVE-2007-5178 can lead to unauthorized access to the server and potential full compromise of the web application.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/mxbb
canonical/mx glance
version/mx glance/2.3.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.