Lucene search

[email protected]CVE-2007-2089

HistoryApr 18, 2007 - 10:19 a.m.

CVE-2007-2089

2007-04-1810:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2089

remote file inclusion

jx development article

mambo

joomla

php code execution

nvd

8.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.7%

JSON

Multiple PHP remote file inclusion vulnerabilities in the Jx Development Article 1.1 and earlier component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to com_articles.php in (1) components/ or (2) classes/html/.

CPENameOperatorVersion
jx_development:article_componentjx development article componentle1.1

CPE	Name	Operator	Version
jx_development:article_component	jx development article component	le	1.1

References

www.securityfocus.com/archive/1/466059/100/0/threaded

www.securityfocus.com/bid/23513

www.vupen.com/english/advisories/2007/1394

exchange.xforce.ibmcloud.com/vulnerabilities/33663

www.exploit-db.com/exploits/3736

8.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.7%

JSON

Related for CVE-2007-2089

prion1