Lucene search
HistoryApr 19, 2007 - 10:19 a.m.
CVE-2007-2141
cve
2007
2141
static code injection
vulnerability
shoutbox.php
shoutpro 1.5.2
remote attackers
php code
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
High
0.133 Low
EPSS
Percentile
95.6%
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter.
Affected configurations
Node
shoutproshoutproRange≤1.5.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| shoutpro:shoutpro | shoutpro | le | 1.5.2 |
Related
canvas
canvas
Immunity Canvas: SHOUTPRO_EXEC
2007-04-19 10:19:00
nvd
nvd
CVE-2007-2141
2007-04-19 10:19:00
cvelist
cvelist
CVE-2007-2141
2007-04-19 10:00:00
prion
prion
Code injection
2007-04-19 10:19:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
High
0.133 Low
EPSS
Percentile
95.6%
Related for CVE-2007-2141