← back
CVE-2007-1895

CVE-2007-1895

EPSS 2.3%
PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a my_ms[root] cookie, a different vector than CVE-2007-0491 and CVE-2006-4630.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/3657unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/34145http://secunia.com/advisories/24760https://www.exploit-db.com/exploits/3657http://www.vupen.com/english/advisories/2007/1261