Lucene search

[email protected]CVE-2007-4384

HistoryAug 17, 2007 - 9:17 p.m.

CVE-2007-4384

2007-08-1721:17:00

[email protected]

web.nvd.nist.gov

cve

2007

4384

php

remote file inclusion

stephane pineau vote 1c

arbitrary code execution

url

nomvote

filepalhex

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.045 Low

EPSS

Percentile

92.6%

JSON

Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters.

Affected configurations

NVD

Node

stephane_pineauvoteMatch1c

CPENameOperatorVersion
stephane_pineau:votestephane pineau voteeq1c

CPE	Name	Operator	Version
stephane_pineau:vote	stephane pineau vote	eq	1c

References

www.securityfocus.com/archive/1/476672/100/0/threaded

www.securityfocus.com/bid/25335

exchange.xforce.ibmcloud.com/vulnerabilities/36047

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.045 Low

EPSS

Percentile

92.6%

JSON

Related for CVE-2007-4384

nvd1 cvelist1 prion1