Lucene search
MitreCVE-2007-1010HistoryFeb 21, 2007 - 11:28 a.m.
CVE-2007-1010
2007-02-2111:28:00
mitre
web.nvd.nist.gov
34
cve-2007-1010
php
remote file inclusion
zebrafeeds
vulnerability
url
arbitrary code
newsfeeds
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.569
Percentile
97.7%
Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds 1.0, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the zf_path parameter to (1) aggregator.php and (2) controller.php in newsfeeds/includes/.
Affected configurations
Node
zebrafeedszebrafeedsMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zebrafeeds | zebrafeeds | 1.0 | cpe:2.3:a:zebrafeeds:zebrafeeds:1.0:*:*:*:*:*:*:* |
References
Related
checkpoint_advisories
checkpoint_advisories
Rphp zf_path Parameter PHP Code Execution - Ver2 (CVE-2007-1010)
2015-03-26 00:00:00
cvelist
cvelist
CVE-2007-1010
2007-02-21 11:00:00
prion
prion
Remote file inclusion
2007-02-21 11:28:00
nvd
nvd
CVE-2007-1010
2007-02-21 11:28:00
exploitdb
exploitdb
ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion
2007-02-15 00:00:00
securityvulns
securityvulns
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.569
Percentile
97.7%
Related for CVE-2007-1010