Lucene search

MitreCVE-2007-2481

HistoryMay 03, 2007 - 5:19 p.m.

CVE-2007-2481

2007-05-0317:19:00

mitre

web.nvd.nist.gov

cve-2007-2481

php

remote file inclusion

vulnerability

wordtube

wordpress

register_globals

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.128

Percentile

95.6%

JSON

PHP remote file inclusion vulnerability in wordtube-button.php in the wordTube 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter.

Affected configurations

Nvd

Node

ruben_boelingerwordtubeRange≤1.43

VendorProductVersionCPE
ruben_boelingerwordtube*cpe:2.3:a:ruben_boelinger:wordtube:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ruben_boelinger	wordtube	*	cpe:2.3:a:ruben_boelinger:wordtube::::::::

References

advisories.echo.or.id/adv/adv81-K-159-2007.txt

alexrabe.boelinger.com/

osvdb.org/34358

secunia.com/advisories/25074

securityreason.com/securityalert/2660

www.securityfocus.com/archive/1/467362/100/0/threaded

www.securityfocus.com/bid/23737

www.vupen.com/english/advisories/2007/1615

exchange.xforce.ibmcloud.com/vulnerabilities/33996

www.exploit-db.com/exploits/3825

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.128

Percentile

95.6%

JSON

Related for CVE-2007-2481