Lucene search

[email protected]CVE-2007-1837

HistoryApr 03, 2007 - 12:19 a.m.

CVE-2007-1837

2007-04-0300:19:00

[email protected]

web.nvd.nist.gov

102

cve-2007-1837

php

remote file inclusion

mangobery cms

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.086 Low

EPSS

Percentile

94.5%

JSON

Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the Site_Path parameter to (1) boxes/quotes.php or (2) templates/mangobery/footer.sample.php.

Affected configurations

NVD

Node

mangobery_cmsmangobery_cmsMatch0.5.5

CPENameOperatorVersion
mangobery_cms:mangobery_cmsmangobery cmseq0.5.5

CPE	Name	Operator	Version
mangobery_cms:mangobery_cms	mangobery cms	eq	0.5.5

References

mangobery.svn.sourceforge.net/viewvc/mangobery?view=rev&revision=70

osvdb.org/34509

osvdb.org/34510

secunia.com/advisories/24686

www.securityfocus.com/bid/23187

www.vupen.com/english/advisories/2007/1147

exchange.xforce.ibmcloud.com/vulnerabilities/33290

www.exploit-db.com/exploits/3598

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.086 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2007-1837

prion1 cvelist1 nvd1 securityvulns1