CVE-2007-1967
CVE-2007-1967 is a medium-severity vulnerability in Stat12 with a CVSS 2.0 base score of 6.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.8)
- EPSS exploit prediction: 1% (68th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Stat12
- Published:
- Last modified:
Description
PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute arbitrary PHP code via a URL in the langpath parameter. NOTE: this issue was published by an unreliable researcher, and there is little information to determine which product is actually affected. This is probably an invalid report based on analysis by CVE and a third party
Frequently asked questions
- What is CVE-2007-1967?
- PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute arbitrary PHP code via a URL in the langpath parameter. NOTE: this issue was published by an unreliable researcher, and there is little information to determine which product is actually affected. This is probably an invalid report based on analysis by CVE and a third party
- How severe is CVE-2007-1967?
- CVE-2007-1967 has a CVSS 2.0 base score of 6.8, rated medium severity.
- Is CVE-2007-1967 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (68th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2007-1967?
- CVE-2007-1967 affects Stat12. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2007-1967?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2007-1967 published?
- CVE-2007-1967 was published on 2007-04-11 and last updated on 2026-06-16.
References
- http://securityreason.com/securityalert/2555
- http://www.attrition.org/pipermail/vim/2007-April/001488.html
- http://www.attrition.org/pipermail/vim/2007-April/001508.html
- http://www.securityfocus.com/archive/1/464582/100/0/threaded
Affected products (1)
- cpe:2.3:a:stat12:stat12:*:*:*:*:*:*:*:*