CVE-2007-6652

EPSS 5.79% · P91 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-6652

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which writes to dati/generali/footer.dtb (aka the XCMS footer).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

XCMS 'ceip.php' 代码注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

XCMS 1.83以及更早的版本中的ceip.php脚本可以在不退出的情况下发送一个重定向请求给Web浏览器，这使得远程攻击者可以通过testo_0参数实施定向状态代码注入攻击并且执行任意代码，管理并操作index.php这使得dati/generali/footer.dtb可以被写入(我们通常知道，这是一个XCMS 页脚)。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-6652

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-6652

请登录查看更多情报信息。

https://www.exploit-db.com/exploits/4813exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/28256third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/40277vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/39346vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2007-6652

Same Patch Batch · n/a · 2008-01-04 · 54 CVEs total

CVE-2007-6622		ZeusCMS 'security.php' SQL脚本漏洞
CVE-2007-6637		Adobe Flash Player多个跨站脚本漏洞
CVE-2007-6632		Xml2owl 'showCode.php'代码注入漏洞
CVE-2007-6635		FAQMasterFlexPlus 敏感信息泄露漏洞
CVE-2007-6634		FAQMasterFlexPlus 'faq.php'多个SQL注入漏洞
CVE-2007-6633		FAQMasterFlexPlus 'aq.php' 跨站脚本漏洞
CVE-2007-6636		Bitflu StorageFarabDb模块未明漏洞
CVE-2007-6625		Novell IDM Fan-Out驱动平台服务拒绝服务攻击漏洞
CVE-2007-6624		PNPHPBB2 'printview.php' 目录遍历漏洞
CVE-2007-6623		ZeusCMS 绝对路径遍历漏洞
CVE-2007-6626		LScube Feng RTSP_valid_response_msg函数缓冲区溢出漏洞
CVE-2007-6621		Joovili 'joovili.images.php'目录遍历漏洞
CVE-2007-6620		Joovili 'include/images.inc.php'目录遍历漏洞
CVE-2008-0092		Appalachian State University phpWebSitephpWebSite 'index.php'跨站脚本漏洞
CVE-2008-0091		AGENCY4NET WEBFTP 'download2.php'目录遍历漏洞
CVE-2008-0090		DivX Player缓冲区错误漏洞
CVE-2008-0089		ClipShare 'uprofile.php' SQL注入漏洞
CVE-2007-6646		LiveCart 多个跨站脚本漏洞
CVE-2007-6645		Joomla! 用户权限提升漏洞
CVE-2007-6644		Joomla! 远程管理员权限设置漏洞

Showing top 20 of 54 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-6652

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-6652

I. Basic Information for CVE-2007-6652

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-6652

III. Intelligence Information for CVE-2007-6652

Same Patch Batch · n/a · 2008-01-04 · 54 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-6652

Leave a comment