Lucene search

[email protected]CVE-2007-2142

HistoryApr 19, 2007 - 10:19 a.m.

CVE-2007-2142

2007-04-1910:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2142

php

remote file inclusion

ajportal2php

security vulnerability

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.437 Medium

EPSS

Percentile

97.4%

JSON

Multiple PHP remote file inclusion vulnerabilities in AjPortal2Php allow remote attackers to execute arbitrary PHP code via a URL in the PagePrefix parameter to (1) begin.inc.php, (2) connection.inc.php, (3) events.inc.php, (4) footer.inc.php, (5) header.inc.php, (6) menuleft.inc.php, or (7) pages.inc.php in includes/.

Affected configurations

NVD

Node

ajportal2phpajportal2php

CPENameOperatorVersion
ajportal2php:ajportal2phpajportal2phpeq*

CPE	Name	Operator	Version
ajportal2php:ajportal2php	ajportal2php	eq	*

References

osvdb.org/37565

osvdb.org/37566

osvdb.org/37567

osvdb.org/37568

osvdb.org/37569

osvdb.org/37570

osvdb.org/37571

www.securityfocus.com/bid/23525

www.vupen.com/english/advisories/2007/1428

exchange.xforce.ibmcloud.com/vulnerabilities/33703

www.exploit-db.com/exploits/3752

Social References

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.437 Medium

EPSS

Percentile

97.4%

JSON

Related for CVE-2007-2142

cvelist1 prion1 nvd1