{"uuid": "d6c7be17-4cae-45dd-95d3-89232664fe27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2007-3194", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2135", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2007-3194\n\ud83d\udd39 Description: Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggie_root_path parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classes.php in includes/; (6) viewmode.php; and (7) blog_body.php.  NOTE: another researcher disputes the vulnerability because the files are protected against direct requests, contain no relevant include statements, or do not exist\n\ud83d\udccf Published: 2007-06-12T23:00:00\n\ud83d\udccf Modified: 2025-01-17T14:41:46.304Z\n\ud83d\udd17 References:\n1. http://securityreason.com/securityalert/2794\n2. http://archives.neohapsis.com/archives/bugtraq/2007-06/0125.html\n3. http://www.securityfocus.com/archive/1/470972/100/0/threaded\n4. http://osvdb.org/37685", "creation_timestamp": "2025-01-17T14:56:47.000000Z"}