← back
CVE-2007-1525

CVE-2007-1525

35Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendepss 37%
exploitation probability
37%top 2% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote attackers to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.