Lucene search

[email protected]CVE-2007-1393

HistoryMar 10, 2007 - 10:19 p.m.

CVE-2007-1393

2007-03-1022:19:00

[email protected]

web.nvd.nist.gov

cve-2007-1393

nvd

php

remote file inclusion

magic cms 4.2.747

vulnerability

security

url

file parameter

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.156 Low

EPSS

Percentile

96.0%

JSON

PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.

Affected configurations

NVD

Node

geo_softmagic_cmsMatch4.2.747

CPENameOperatorVersion
geo_soft:magic_cmsgeo soft magic cmseq4.2.747

CPE	Name	Operator	Version
geo_soft:magic_cms	geo soft magic cms	eq	4.2.747

References

osvdb.org/33893

secunia.com/advisories/24439

www.securityfocus.com/bid/22162

www.vupen.com/english/advisories/2007/0881

exchange.xforce.ibmcloud.com/vulnerabilities/32883

www.exploit-db.com/exploits/3438

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.156 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2007-1393

nvd1 prion1 cvelist1 securityvulns1