Lucene search

[email protected]CVE-2007-1596

HistoryMar 22, 2007 - 11:19 p.m.

CVE-2007-1596

2007-03-2223:19:00

[email protected]

web.nvd.nist.gov

cve-2007-1596

php

remote file inclusion

nfn address book

mambo

joomla

vulnerability

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

JSON

Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook/nfnaddressbook.php or (2) administrator/components/com_nfn_addressbook/nfnaddressbook.php.

Affected configurations

NVD

Node

joomlanfn_address_bookMatch0.4

mambonfn_address_bookMatch0.4

CPENameOperatorVersion
joomla:nfn_address_bookjoomla nfn address bookeq0.4
mambo:nfn_address_bookmambo nfn address bookeq0.4

CPE	Name	Operator	Version
joomla:nfn_address_book	joomla nfn address book	eq	0.4
mambo:nfn_address_book	mambo nfn address book	eq	0.4

References

osvdb.org/43553

osvdb.org/43554

www.securityfocus.com/bid/23092

www.vupen.com/english/advisories/2007/1073

exchange.xforce.ibmcloud.com/vulnerabilities/33133

www.exploit-db.com/exploits/3539

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2007-1596

prion1 cvelist1 nvd1 securityvulns1