Lucene search

[email protected]CVE-2007-0232

HistoryJan 13, 2007 - 2:28 a.m.

CVE-2007-0232

2007-01-1302:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0232

php

remote file inclusion

jshop server 1.3

security vulnerability

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON

PHP remote file inclusion vulnerability in routines/fieldValidation.php in Jshop Server 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the jssShopFileSystem parameter.

CPENameOperatorVersion
jshop_e-commerce:jshop_serverjshop e-commerce jshop servereq1.3

CPE	Name	Operator	Version
jshop_e-commerce:jshop_server	jshop e-commerce jshop server	eq	1.3

References

osvdb.org/33459

securityreason.com/securityalert/2146

www.securityfocus.com/archive/1/456591/100/0/threaded

www.securityfocus.com/bid/21995

exchange.xforce.ibmcloud.com/vulnerabilities/31425

www.exploit-db.com/exploits/3113

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2007-0232

prion1 securityvulns1