Lucene search

[email protected]CVE-2007-2272

HistoryApr 25, 2007 - 8:19 p.m.

CVE-2007-2272

2007-04-2520:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

awbs

2.4.0

php

remote file inclusion

vulnerability

cart2.php

security

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.037 Low

EPSS

Percentile

91.6%

JSON

PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter.

CPENameOperatorVersion
advanced_webhost_billing_system:advanced_webhost_billing_systemadvanced webhost billing systemeq2.4.0

CPE	Name	Operator	Version
advanced_webhost_billing_system:advanced_webhost_billing_system	advanced webhost billing system	eq	2.4.0

References

secunia.com/advisories/25046

www.securityfocus.com/bid/23633

exchange.xforce.ibmcloud.com/vulnerabilities/33860

www.exploit-db.com/exploits/3795

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.037 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2007-2272

prion1