CVE-2007-2660

Published: May 14, 2007Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

PHP remote file inclusion vulnerability in pcltrace.lib.php in the PclTar module in Vincent Blavet PhpConcept Library, as used in CJG EXPLORER PRO 3.3 and earlier and probably other products, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter. NOTE: CVE disputes this issue since there is no include statement in pcltrace.lib.php. NOTE: the pcltar.lib.php vector is already covered by CVE-2007-2199

Affected (2)

Products: Cjg Explorer Pro: Cjg Explorer Pro · Vincent Blavet: Phpconcept Library

Cjg Explorer Pro

1 product

Cjg Explorer Pro

1 product

Phpconcept Library

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Cjg Explorer Pro Cjg Explorer Pro	Up to 3.3
Vincent Blavet Phpconcept Library	All versions

References (12)

http://osvdb.org/36010

Source: cve@mitre.org

http://secunia.com/advisories/25230

Source: cve@mitre.org

Vendor Advisory

http://www.attrition.org/pipermail/vim/2007-May/001618.html

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1786

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34273

Source: cve@mitre.org

https://www.exploit-db.com/exploits/3915

Source: cve@mitre.org

http://osvdb.org/36010

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/25230

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.attrition.org/pipermail/vim/2007-May/001618.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/1786

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/34273

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/3915

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.