Lucene search

K
cve[email protected]CVE-2007-1423
HistoryMar 13, 2007 - 1:19 a.m.

CVE-2007-1423

2007-03-1301:19:00
web.nvd.nist.gov
24
php
remote file inclusion
vulnerability
work system
e-commerce
nvd
cve-2007-1423

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.8%

Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.

Affected configurations

NVD
Node
work_system_e-commercework_system_e-commerceMatch3.0.3
OR
work_system_e-commercework_system_e-commerceMatch3.0.4
OR
work_system_e-commercework_system_e-commerceMatch3.0.5
OR
work_system_e-commercework_system_e-commerceMatch3.0.41

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.8%

Related for CVE-2007-1423