CVE-2007-5163

Severity CVSS v4.0:
Pending analysis
Type:
CWE-94 Code Injection
Publication date:
01/10/2007
Last modified:
09/04/2025

Description

PHP remote file inclusion vulnerability in includes/functions/layout.php in Nexty 1.01.A Beta allows remote attackers to execute arbitrary PHP code via a URL in the rel parameter. NOTE: this issue is disputed by CVE because the applicable include is in a function that is not called on a direct request

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:nexty:nexty:1.01._abeta:*:*:*:*:*:*:*