Lucene search

[email protected]CVE-2007-0861

HistoryFeb 09, 2007 - 1:28 a.m.

CVE-2007-0861

2007-02-0901:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0861

php

remote file inclusion

vulnerability

phpcoin

nvd

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

PHP remote file inclusion vulnerability in modules/mail/index.php in phpCOIN RC-1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _CCFG[‘_PKG_PATH_MDLS’] parameter. NOTE: this issue has been disputed by a reliable third party, who states that a fatal error occurs before the relevant code is reached

Affected configurations

NVD

Node

phpcoinphpcoinRange≤rc1

CPENameOperatorVersion
phpcoin:phpcoinphpcoinlerc1

CPE	Name	Operator	Version
phpcoin:phpcoin	phpcoin	le	rc1

References

osvdb.org/33591

securityreason.com/securityalert/2230

www.securityfocus.com/archive/1/458064/100/200/threaded

www.securityfocus.com/archive/1/458080/100/200/threaded

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2007-0861

prion1 nvd1 cvelist1 securityvulns1