Lucene search

[email protected]CVE-2007-1571

HistoryMar 21, 2007 - 9:19 p.m.

CVE-2007-1571

2007-03-2121:19:00

[email protected]

web.nvd.nist.gov

107

cve-2007-1571

php

remote file inclusion

vulnerability

radical designs

activist mobilization platform

amp 3.2

register_globals

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.147 Low

EPSS

Percentile

95.8%

JSON

PHP remote file inclusion vulnerability in includes/base.php in Radical Designs Activist Mobilization Platform (AMP) 3.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter.

Affected configurations

NVD

Node

radical_designsactivist_mobilization_platformRange≤3.2

CPENameOperatorVersion
radical_designs:activist_mobilization_platformradical designs activist mobilization platformle3.2

CPE	Name	Operator	Version
radical_designs:activist_mobilization_platform	radical designs activist mobilization platform	le	3.2

References

advisories.echo.or.id/adv/adv71-theday-2007.txt

www.securityfocus.com/archive/1/462805/100/100/threaded

www.vupen.com/english/advisories/2007/0939

exchange.xforce.ibmcloud.com/vulnerabilities/33009

www.exploit-db.com/exploits/3471

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.147 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2007-1571

prion1 cvelist1 checkpoint_advisories1 nvd1 securityvulns1