Lucene search

[email protected]CVE-2007-0307

HistoryJan 18, 2007 - 12:28 a.m.

CVE-2007-0307

2007-01-1800:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0307

php

remote file inclusion

poplar gedcom viewer 2.0

security vulnerability

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.5%

JSON

PHP remote file inclusion vulnerability in include/common.php in Poplar Gedcom Viewer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[rootPath] parameter.

CPENameOperatorVersion
poplar_gedcom_viewer:poplar_gedcom_viewerpoplar gedcom viewerle2.0
poplar_gedcom_viewer:poplar_gedcom_viewerpoplar gedcom viewereq1.2.2

CPE	Name	Operator	Version
poplar_gedcom_viewer:poplar_gedcom_viewer	poplar gedcom viewer	le	2.0
poplar_gedcom_viewer:poplar_gedcom_viewer	poplar gedcom viewer	eq	1.2.2

References

osvdb.org/32807

secunia.com/advisories/23761

www.securityfocus.com/bid/22038

www.vupen.com/english/advisories/2007/0174

www.exploit-db.com/exploits/3121

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2007-0307

prion1 securityvulns1