Lucene search

MitreCVE-2007-1514

HistoryMar 20, 2007 - 10:19 a.m.

CVE-2007-1514

2007-03-2010:19:00

mitre

web.nvd.nist.gov

php

remote file inclusion

vulnerability

viperweb portal

security

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.056

Percentile

93.3%

JSON

PHP remote file inclusion vulnerability in index.php in ViperWeb Portal alpha 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the modpath parameter.

Affected configurations

Nvd

Node

viperwebportalMatch0.1_alpha

VendorProductVersionCPE
viperwebportal0.1_alphacpe:2.3:a:viperweb:portal:0.1_alpha:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
viperweb	portal	0.1_alpha	cpe:2.3:a:viperweb:portal:0.1_alpha:::::::*

References

osvdb.org/34310

securityreason.com/securityalert/2449

www.securityfocus.com/archive/1/462930/100/0/threaded

www.securityfocus.com/bid/22979

exchange.xforce.ibmcloud.com/vulnerabilities/33034

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.056

Percentile

93.3%

JSON

Related for CVE-2007-1514