Lucene search

MitreCVE-2007-0820

HistoryFeb 07, 2007 - 8:28 p.m.

CVE-2007-0820

2007-02-0720:28:00

mitre

web.nvd.nist.gov

php

remote file inclusion

vulnerability

cedric claire portailphp 2

execution

arbitrary code

url

security

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.1

Percentile

94.9%

JSON

Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

cedricclaire_portailphpMatch2

VendorProductVersionCPE
cedricclaire_portailphp2cpe:2.3:a:cedric:claire_portailphp:2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cedric	claire_portailphp	2	cpe:2.3:a:cedric:claire_portailphp:2:::::::*

References

osvdb.org/35756

osvdb.org/35757

osvdb.org/35758

www.securityfocus.com/bid/22381

www.securityfocus.com/bid/28867

exchange.xforce.ibmcloud.com/vulnerabilities/42123

Social References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.1

Percentile

94.9%

JSON

Related for CVE-2007-0820