Lucene search

[email protected]CVE-2007-1233

HistoryMar 03, 2007 - 7:19 p.m.

CVE-2007-1233

2007-03-0319:19:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2007

1233

stwc-counter

php

remote file inclusion

downloadcounter.php

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON

PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the stwc_counter_verzeichniss parameter.

Affected configurations

NVD

Node

stwc-counterstwc-counterRange≤3.4.0

stwc-counterstwc-counterMatch1.01

stwc-counterstwc-counterMatch1.1

stwc-counterstwc-counterMatch1.2

stwc-counterstwc-counterMatch1.02

stwc-counterstwc-counterMatch1.11

stwc-counterstwc-counterMatch1.12

stwc-counterstwc-counterMatch1.21

stwc-counterstwc-counterMatch1.22

stwc-counterstwc-counterMatch2.0.0

stwc-counterstwc-counterMatch2.0.1

stwc-counterstwc-counterMatch2.0.2

stwc-counterstwc-counterMatch2.1.0

stwc-counterstwc-counterMatch2.1.1

stwc-counterstwc-counterMatch2.2.0

stwc-counterstwc-counterMatch2.2.1

stwc-counterstwc-counterMatch2.2.2

stwc-counterstwc-counterMatch2.2.3

stwc-counterstwc-counterMatch2.2.4

stwc-counterstwc-counterMatch2.2.5

stwc-counterstwc-counterMatch2.2.6

stwc-counterstwc-counterMatch2.2.7

stwc-counterstwc-counterMatch2.3.0

stwc-counterstwc-counterMatch2.3.1

stwc-counterstwc-counterMatch2.4.0

stwc-counterstwc-counterMatch2.5.0

stwc-counterstwc-counterMatch2.5.1

stwc-counterstwc-counterMatch2.5.2

stwc-counterstwc-counterMatch2.6.0

stwc-counterstwc-counterMatch2.6.1

stwc-counterstwc-counterMatch2.6.2

stwc-counterstwc-counterMatch2.6.3

stwc-counterstwc-counterMatch2.6.4

stwc-counterstwc-counterMatch2.6.5

stwc-counterstwc-counterMatch2.6.6

stwc-counterstwc-counterMatch2.7.0

stwc-counterstwc-counterMatch2.7.1

stwc-counterstwc-counterMatch2.8.0

stwc-counterstwc-counterMatch2.8.1

stwc-counterstwc-counterMatch2.9.0

stwc-counterstwc-counterMatch2.9.1

stwc-counterstwc-counterMatch3.0.0

stwc-counterstwc-counterMatch3.0.1

stwc-counterstwc-counterMatch3.0.2

stwc-counterstwc-counterMatch3.0.3

stwc-counterstwc-counterMatch3.1.0

stwc-counterstwc-counterMatch3.2.0

stwc-counterstwc-counterMatch3.3.0

CPENameOperatorVersion
stwc-counter:stwc-counterstwc-counterle3.4.0
stwc-counter:stwc-counterstwc-countereq1.01
stwc-counter:stwc-counterstwc-countereq1.1
stwc-counter:stwc-counterstwc-countereq1.2
stwc-counter:stwc-counterstwc-countereq1.02
stwc-counter:stwc-counterstwc-countereq1.11
stwc-counter:stwc-counterstwc-countereq1.12
stwc-counter:stwc-counterstwc-countereq1.21
stwc-counter:stwc-counterstwc-countereq1.22
stwc-counter:stwc-counterstwc-countereq2.0.0

CPE	Name	Operator	Version
stwc-counter:stwc-counter	stwc-counter	le	3.4.0
stwc-counter:stwc-counter	stwc-counter	eq	1.01
stwc-counter:stwc-counter	stwc-counter	eq	1.1
stwc-counter:stwc-counter	stwc-counter	eq	1.2
stwc-counter:stwc-counter	stwc-counter	eq	1.02
stwc-counter:stwc-counter	stwc-counter	eq	1.11
stwc-counter:stwc-counter	stwc-counter	eq	1.12
stwc-counter:stwc-counter	stwc-counter	eq	1.21
stwc-counter:stwc-counter	stwc-counter	eq	1.22
stwc-counter:stwc-counter	stwc-counter	eq	2.0.0

Rows per page:

1-10 of 481

References

osvdb.org/33777

secunia.com/advisories/24280

www.securityfocus.com/bid/22723

www.vupen.com/english/advisories/2007/0754

exchange.xforce.ibmcloud.com/vulnerabilities/32681

www.exploit-db.com/exploits/3379

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2007-1233

cvelist1 nvd1 prion1 securityvulns1