CVE-2007-2156

N/A Unknown

Published: April 19, 2007 Modified: April 23, 2026

Description

Multiple PHP remote file inclusion vulnerabilities in Rezervi Generic 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) datumVonDatumBis.inc.php, (2) footer.inc.php, (3) header.inc.php, and (4) stylesheets.php in templates/; and (5) wochenuebersicht.inc.php, (6) monatsuebersicht.inc.php, (7) jahresuebersicht.inc.php, and (8) tagesuebersicht.inc.php in belegungsplan/.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/35006

Source: cve@mitre.org

http://osvdb.org/35007

Source: cve@mitre.org

http://osvdb.org/35008

Source: cve@mitre.org

http://osvdb.org/35009

Source: cve@mitre.org

http://osvdb.org/35010

Source: cve@mitre.org

http://osvdb.org/35011

Source: cve@mitre.org

http://osvdb.org/35012

Source: cve@mitre.org

http://osvdb.org/35013

Source: cve@mitre.org

http://secunia.com/advisories/24926

Source: cve@mitre.org

http://www.securityfocus.com/bid/23550

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1448

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/33737

Source: cve@mitre.org

https://www.exploit-db.com/exploits/3763

Source: cve@mitre.org

http://osvdb.org/35006