Lucene search

[email protected]CVE-2007-2205

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2205

2007-04-2420:19:00

[email protected]

web.nvd.nist.gov

php

remote file inclusion

vulnerability

lan management system

lms

cve-2007-2205

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.081 Low

EPSS

Percentile

94.4%

JSON

PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643.

Affected configurations

NVD

Node

lan_management_systemlan_management_systemMatch1.5.3

lan_management_systemlan_management_systemMatch1.5.4

CPENameOperatorVersion
lan_management_system:lan_management_systemlan management systemeq1.5.3
lan_management_system:lan_management_systemlan management systemeq1.5.4

CPE	Name	Operator	Version
lan_management_system:lan_management_system	lan management system	eq	1.5.3
lan_management_system:lan_management_system	lan management system	eq	1.5.4

References

osvdb.org/35480

securityreason.com/securityalert/2630

www.attrition.org/pipermail/vim/2007-April/001560.html

www.securityfocus.com/archive/1/466664/100/0/threaded

www.securityfocus.com/bid/23611

exchange.xforce.ibmcloud.com/vulnerabilities/33819

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.081 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2007-2205

prion3 cvelist3 nvd3 cve2 securityvulns1