Lucene search
HistoryMar 13, 2007 - 1:19 a.m.
CVE-2007-1423
php
remote file inclusion
vulnerability
work system
e-commerce
nvd
cve-2007-1423
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.066
Percentile
93.8%
Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.
Affected configurations
Node
work_system_e-commercework_system_e-commerceMatch3.0.3
ORwork_system_e-commercework_system_e-commerceMatch3.0.4
ORwork_system_e-commercework_system_e-commerceMatch3.0.5
ORwork_system_e-commercework_system_e-commerceMatch3.0.41
| Vendor | Product | Version | CPE |
|---|---|---|---|
| work_system_e-commerce | work_system_e-commerce | 3.0.3 | cpe:/a:work_system_e-commerce:work_system_e-commerce:3.0.3::: |
| work_system_e-commerce | work_system_e-commerce | 3.0.41 | cpe:/a:work_system_e-commerce:work_system_e-commerce:3.0.41::: |
| work_system_e-commerce | work_system_e-commerce | 3.0.4 | cpe:/a:work_system_e-commerce:work_system_e-commerce:3.0.4::: |
| work_system_e-commerce | work_system_e-commerce | 3.0.5 | cpe:/a:work_system_e-commerce:work_system_e-commerce:3.0.5::: |
Related
cvelist
cvelist
CVE-2007-1423
2007-03-13 01:00:00
nvd
nvd
CVE-2007-1423
2007-03-13 01:19:00
prion
prion
Remote file inclusion
2007-03-13 01:19:00
securityvulns
securityvulns
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.066
Percentile
93.8%
Related for CVE-2007-1423