Description
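PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the tpl_pgb_moddir parameter. The record below scores it CVSS v2 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C), meaning it is reachable over the network without authentication. Note that the linked Check Point advisories name a CONF_CONFIG_PATH parameter in their titles while this description names tpl_pgb_moddir, so confirm which parameter a given signature covers before relying on it for detection.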
Affected Software
Related
{"id": "CVE-2007-1372", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2007-1372", "description": "PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the tpl_pgb_moddir parameter.", "published": "2007-03-10T00:19:00", "modified": "2017-10-11T01:31:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1372", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/22858", "http://osvdb.org/36320", "http://www.vupen.com/english/advisories/2007/0880", "https://exchange.xforce.ibmcloud.com/vulnerabilities/32866", "https://www.exploit-db.com/exploits/3423"], "cvelist": ["CVE-2007-1372"], "immutableFields": [], "lastseen": "2022-03-23T11:53:56", "viewCount": 85, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2014-0056", "CPAI-2014-0818"]}, {"type": "exploitdb", "idList": ["EDB-ID:3423"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7370"]}], "rev": 4}, "score": {"value": 7.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2014-0056"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7370"]}]}, "exploitation": null, "vulnersScore": 7.7}, "_state": {"dependencies": 0}, "_internal": {}, "cna_cvss": 
{"cna": null, "cvss": {}}, "cpe": ["cpe:/a:postguestbook:postguestbook:0.6.1"], "cpe23": ["cpe:2.3:a:postguestbook:postguestbook:0.6.1:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "affectedSoftware": [{"cpeName": "postguestbook:postguestbook", "version": "0.6.1", "operator": "eq", "name": "postguestbook"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:postguestbook:postguestbook:0.6.1:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "http://www.securityfocus.com/bid/22858", "name": "22858", "refsource": "BID", "tags": ["Exploit"]}, {"url": "http://osvdb.org/36320", "name": "36320", "refsource": "OSVDB", "tags": []}, {"url": "http://www.vupen.com/english/advisories/2007/0880", "name": "ADV-2007-0880", "refsource": "VUPEN", "tags": []}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32866", "name": "postguestbook-header-file-include(32866)", "refsource": "XF", "tags": []}, {"url": "https://www.exploit-db.com/exploits/3423", "name": "3423", "refsource": "EXPLOIT-DB", "tags": []}]}
{"checkpoint_advisories": [{"lastseen": "2021-12-17T20:17:06", "description": "A code execution vulnerability has been reported in Postguestbook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {}, "published": "2014-01-07T00:00:00", "type": "checkpoint_advisories", "title": "Postguestbook CONF_CONFIG_PATH Parameter PHP Code Execution - Ver2 (CVE-2007-1372)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-1372"], "modified": "2014-01-07T00:00:00", "id": "CPAI-2014-0056", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-29T11:31:42", "description": "A code execution vulnerability has been reported in Postguestbook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {}, "published": "2014-02-03T00:00:00", "type": "checkpoint_advisories", "title": "Postguestbook CONF_CONFIG_PATH Parameter PHP Code Execution - Ver2 (CVE-2007-1372)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2007-1372"], "modified": "2022-06-29T00:00:00", "id": "CPAI-2014-0818", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "securityvulns": [{"lastseen": "2021-06-08T18:53:44", "description": "PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.", "edition": 2, "cvss3": {}, "published": "2007-03-10T00:00:00", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2007-1392", "CVE-2007-1361", "CVE-2007-1300", "CVE-2007-1410", "CVE-2007-1417", "CVE-2007-1432", "CVE-2007-1343", "CVE-2007-1292", "CVE-2007-1372", "CVE-2007-1449", "CVE-2007-1374", "CVE-2007-1450", "CVE-2007-1409", "CVE-2007-1341", "CVE-2007-1433", "CVE-2007-1424", "CVE-2007-1368", "CVE-2007-1360", "CVE-2007-1436", "CVE-2007-1437", "CVE-2007-1415", "CVE-2007-1421", "CVE-2007-1434", "CVE-2007-1344"], "modified": "2007-03-10T00:00:00", "id": "SECURITYVULNS:VULN:7370", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7370", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}