Lucene search

[email protected]CVE-2007-2939

HistoryMay 31, 2007 - 12:30 a.m.

CVE-2007-2939

2007-05-3100:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2939

php

remote file inclusion

mazen's php chat

security vulnerability

nvd

execute arbitrary php code

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.131 Low

EPSS

Percentile

95.4%

JSON

Multiple PHP remote file inclusion vulnerabilities in Mazen’s PHP Chat 3.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/.

CPENameOperatorVersion
mazens_php_chat:mazens_php_chatmazens php chateq3.0.0

CPE	Name	Operator	Version
mazens_php_chat:mazens_php_chat	mazens php chat	eq	3.0.0

References

osvdb.org/38086

osvdb.org/38087

osvdb.org/38088

www.securityfocus.com/bid/24171

www.vupen.com/english/advisories/2007/1968

exchange.xforce.ibmcloud.com/vulnerabilities/34536

www.exploit-db.com/exploits/3994

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.131 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2007-2939

prion1 canvas1