Lucene search

[email protected]CVE-2007-1771

HistoryMar 30, 2007 - 1:19 a.m.

CVE-2007-1771

2007-03-3001:19:00

[email protected]

web.nvd.nist.gov

security

vulnerability

php

remote code execution

ay system solutions

web content system

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.09 Low

EPSS

Percentile

94.6%

JSON

PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutions Web Content System (WCS) 2.7.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter.

Affected configurations

NVD

Node

ay_system_solutionsweb_content_systemMatch2.7.1

CPENameOperatorVersion
ay_system_solutions:web_content_systemay system solutions web content systemeq2.7.1

CPE	Name	Operator	Version
ay_system_solutions:web_content_system	ay system solutions web content system	eq	2.7.1

References

osvdb.org/34500

secunia.com/advisories/24663

www.securityfocus.com/bid/23171

www.vupen.com/english/advisories/2007/1139

exchange.xforce.ibmcloud.com/vulnerabilities/33281

www.exploit-db.com/exploits/3592

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.09 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2007-1771

nvd1 cvelist1 prion1 securityvulns1