Lucene search

[email protected]CVE-2007-1118

HistoryFeb 27, 2007 - 2:28 a.m.

CVE-2007-1118

2007-02-2702:28:00

[email protected]

web.nvd.nist.gov

cve

2007

1118

php

remote

file inclusion

efiction

vulnerabilities

nvd

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.107 Low

EPSS

Percentile

95.1%

JSON

Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path_to_smf parameter to (1) bridges/SMF/logout.php or (2) get_session_vars.php.

Affected configurations

NVD

Node

efictionefictionRange≤3.1.1

CPENameOperatorVersion
efiction:efictionefictionle3.1.1

CPE	Name	Operator	Version
efiction:efiction	efiction	le	3.1.1

References

osvdb.org/33526

osvdb.org/33527

secunia.com/advisories/24268

www.securityfocus.com/bid/22682

www.vupen.com/english/advisories/2007/0708

exchange.xforce.ibmcloud.com/vulnerabilities/32662

www.exploit-db.com/exploits/3361

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.107 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2007-1118

prion1 nvd1 cvelist1 securityvulns1