Lucene search

[email protected]CVE-2007-2347

HistoryApr 27, 2007 - 5:19 p.m.

CVE-2007-2347

2007-04-2717:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2347

php

remote file inclusion

oneclick cms

sisplet cms

vulnerability

nvd

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.8%

JSON

PHP remote file inclusion vulnerability in main/forum/komentar.php in OneClick CMS (aka Sisplet CMS) 05.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.

Affected configurations

NVD

Node

oneclick_cmsoneclick_cmsRange≤05.10

sisplet_cmssisplet_cmsRange≤05.10

CPENameOperatorVersion
oneclick_cms:oneclick_cmsoneclick cmsle05.10
sisplet_cms:sisplet_cmssisplet cmsle05.10

CPE	Name	Operator	Version
oneclick_cms:oneclick_cms	oneclick cms	le	05.10
sisplet_cms:sisplet_cms	sisplet cms	le	05.10

References

osvdb.org/35618

www.securityfocus.com/bid/23334

www.vupen.com/english/advisories/2007/1281

exchange.xforce.ibmcloud.com/vulnerabilities/33455

www.exploit-db.com/exploits/3667

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2007-2347

prion1 nvd1 cvelist1