Lucene search

[email protected]CVE-2007-2762

HistoryMay 18, 2007 - 10:30 p.m.

CVE-2007-2762

2007-05-1822:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2762

php

remote code execution

file inclusion

build it fast

bif3

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.17 Low

EPSS

Percentile

96.0%

JSON

Multiple PHP remote file inclusion vulnerabilities in Build it Fast (bif3) 0.4.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the pear_dir parameter to Base/Application.php, or the (2) sys_dir parameter to (a) Footer.php, (b) widget.BifContainer.php, © widget.BifRoot.php, (d) widget.BifRoot2.php, (e) widget.BifRoot3.php, or (f) widget.BifWarning.php in Widgets/Base/.

CPENameOperatorVersion
build_it_fast:build_it_fastbuild it fasteq0.4.1

CPE	Name	Operator	Version
build_it_fast:build_it_fast	build it fast	eq	0.4.1

References

osvdb.org/37949

osvdb.org/37950

osvdb.org/37951

osvdb.org/37952

osvdb.org/37953

osvdb.org/37954

osvdb.org/37955

www.securityfocus.com/bid/24045

exchange.xforce.ibmcloud.com/vulnerabilities/34362

www.exploit-db.com/exploits/3947

Social References

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.17 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2007-2762

prion1