Lucene search

[email protected]CVE-2007-2008

HistoryApr 12, 2007 - 7:19 p.m.

CVE-2007-2008

2007-04-1219:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2007

2008

directory traversal

admin.php

pl-php beta 0.9

remote attack

arbitrary execution

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.9%

JSON

Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the lang parameter.

CPENameOperatorVersion
pl-php:pl-phppl-phpeq0.9_beta

CPE	Name	Operator	Version
pl-php:pl-php	pl-php	eq	0.9_beta

References

www.securityfocus.com/archive/1/465340/100/0/threaded

www.vupen.com/english/advisories/2007/1352

www.exploit-db.com/exploits/3704

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.9%

JSON

Related for CVE-2007-2008

prion1 malwarebytes1 securityvulns1