Lucene search

[email protected]CVE-2007-0677

HistoryFeb 03, 2007 - 1:28 a.m.

CVE-2007-0677

2007-02-0301:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0677

php

remote file inclusion

vulnerability

cadre php framework

security

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.093 Low

EPSS

Percentile

94.6%

JSON

PHP remote file inclusion vulnerability in fw/class.Quick_Config_Browser.php in Cadre PHP Framework 20020724 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][framework_path] parameter.

CPENameOperatorVersion
cronosys:cadre_php_frameworkcronosys cadre php frameworkeq22020724

CPE	Name	Operator	Version
cronosys:cadre_php_framework	cronosys cadre php framework	eq	22020724

References

echo.or.id/adv/adv63-y3dips-2007.txt

osvdb.org/33631

securityreason.com/securityalert/2215

www.securityfocus.com/archive/1/458681/100/0/threaded

www.securityfocus.com/bid/22336

www.vupen.com/english/advisories/2007/0449

exchange.xforce.ibmcloud.com/vulnerabilities/32005

www.exploit-db.com/exploits/3237

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.093 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2007-0677

prion1 securityvulns1