{"vulnerability": "cve-2007-4290", "sightings": [{"uuid": "b09233fb-2de5-429d-a2cb-18b2c6c17805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2007-4290", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2132", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2007-4290\n\ud83d\udd39 Description: Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root parameter to (1) delete.php, (2) edit.php, or (3) inc/common.inc.php; or (4) database.php, (5) entries.php, (6) index.php, (7) logout.php, or (8) settings.php in admin/.  NOTE: a third party disputes this vulnerability, noting that these scripts defend against direct requests\n\ud83d\udccf Published: 2007-08-09T21:00:00\n\ud83d\udccf Modified: 2025-01-17T14:45:54.074Z\n\ud83d\udd17 References:\n1. https://exchange.xforce.ibmcloud.com/vulnerabilities/35876\n2. http://securityreason.com/securityalert/2988\n3. http://www.securityfocus.com/archive/1/475854/100/0/threaded\n4. http://www.securityfocus.com/archive/1/476010/100/0/threaded", "creation_timestamp": "2025-01-17T14:56:41.000000Z"}]}