Lucene search

[email protected]CVE-2007-2544

HistoryMay 09, 2007 - 1:19 a.m.

CVE-2007-2544

2007-05-0901:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2544

php

remote file inclusion

toptree bbs

vulnerability

code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

PHP remote file inclusion vulnerability in templates/default/tpl_message.php in PHP TopTree BBS 2.0.1a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the right_file parameter.

Affected configurations

NVD

Node

php_toptree_bbsphp_toptree_bbsRange≤2.0.1a

CPENameOperatorVersion
php_toptree_bbs:php_toptree_bbsphp toptree bbsle2.0.1a

CPE	Name	Operator	Version
php_toptree_bbs:php_toptree_bbs	php toptree bbs	le	2.0.1a

References

osvdb.org/35787

secunia.com/advisories/25175

www.securityfocus.com/bid/23867

www.vupen.com/english/advisories/2007/1673

exchange.xforce.ibmcloud.com/vulnerabilities/34107

www.exploit-db.com/exploits/3854

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2007-2544

cvelist1 nvd1 prion1