CVE-2007-3217
8.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.179 Low
EPSS
Percentile
96.1%
Multiple PHP remote file inclusion vulnerabilities in Prototype of an PHP application 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the path_inc parameter to (1) index.php in gestion/; (2) identification.php, (3) disconnect.php, (4) loginliste.php, (5) loginmodif.php, (6) index.php, and (7) ident.inc.php in ident/; (8) menuadministration.php and (9) menuprincipal.php in menu/; (10) param.inc.php in param/; (11) index.php in plugins/phpgacl/; and (12) index.php and (13) common.inc.php.
References
osvdb.org/37149
osvdb.org/37150
osvdb.org/37151
osvdb.org/37152
osvdb.org/37153
osvdb.org/37154
osvdb.org/37155
osvdb.org/37156
osvdb.org/37157
osvdb.org/37158
osvdb.org/37159
osvdb.org/37160
osvdb.org/37161
securityreason.com/securityalert/2812
www.securityfocus.com/archive/1/470245/100/100/threaded
www.securityfocus.com/bid/24266
exchange.xforce.ibmcloud.com/vulnerabilities/34679
Social References
More
8.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.179 Low
EPSS
Percentile
96.1%