CVE-2007-2736

CVE Database · CVE-2007-2736

CVE-2007-2736

· N/AModified

CVSS v3.1

N/A

EPSS

4.09%

Published

May 17, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBAchievo 1.1.0 - 'config_atkroot' Remote File Inclusion TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

Affected Products (18)

apple · a_ux

apple · mac_os_x

hp · hp-ux

hp · tru64

ibm · os2

linux · linux_kernel

microsoft · windows_2000

microsoft · windows_2003_server

microsoft · windows_95

microsoft · windows_98

microsoft · windows_98se

microsoft · windows_me

microsoft · windows_nt

microsoft · windows_xp

References (8)

http://osvdb.org/37919

http://www.securityfocus.com/bid/23992

https://exchange.xforce.ibmcloud.com/vulnerabilities/34305

https://www.exploit-db.com/exploits/3928

http://osvdb.org/37919

http://www.securityfocus.com/bid/23992

https://exchange.xforce.ibmcloud.com/vulnerabilities/34305

https://www.exploit-db.com/exploits/3928

KEV Catalog EPSS Scores Vendors All CVEs