Lucene search

[email protected]CVE-2007-3346

HistoryJun 22, 2007 - 6:30 p.m.

CVE-2007-3346

2007-06-2218:30:00

[email protected]

web.nvd.nist.gov

cve

2007

3346

directory traversal

index.php

phpaccounts

remote attack

local file inclusion

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Directory traversal vulnerability in index.php in PHPAccounts 0.5 allows remote attackers to include arbitrary local files via unspecified manipulations of the page parameter.

Affected configurations

NVD

Node

php_accountsphp_accountsMatch0.5

CPENameOperatorVersion
php_accounts:php_accountsphp accountseq0.5

CPE	Name	Operator	Version
php_accounts:php_accounts	php accounts	eq	0.5

References

osvdb.org/37683

pridels-team.blogspot.com/2007/06/phpaccounts-vuln.html

www.securityfocus.com/bid/24572

exchange.xforce.ibmcloud.com/vulnerabilities/35027

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2007-3346

prion1 cvelist1 nvd1