Lucene search

[email protected]CVE-2007-2262

HistoryApr 25, 2007 - 5:19 p.m.

CVE-2007-2262

2007-04-2517:19:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-2262

php

remote file inclusion

sinato jmuffin

html

detail.php

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

JSON

Multiple PHP remote file inclusion vulnerabilities in html/php/detail.php in Sinato jmuffin allow remote attackers to execute arbitrary PHP code via a URL in the (1) relPath and (2) folder parameters. NOTE: this product was originally reported as “File117”.

Affected configurations

NVD

Node

sinatojmuffin

CPENameOperatorVersion
sinato:jmuffinsinato jmuffineq*

CPE	Name	Operator	Version
sinato:jmuffin	sinato jmuffin	eq	*

References

osvdb.org/35612

securityreason.com/securityalert/2626

www.securityfocus.com/archive/1/466675/100/0/threaded

www.securityfocus.com/bid/23600

www.securityfocus.com/bid/23655

www.vupen.com/english/advisories/2007/1520

exchange.xforce.ibmcloud.com/vulnerabilities/33815

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2007-2262

nvd1 prion1 cvelist1