Lucene search

[email protected]CVE-2007-4413

HistoryAug 18, 2007 - 9:17 p.m.

CVE-2007-4413

2007-08-1821:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

code injection

vulnerability

deskpro

nvd

cve-2007-4413

7.6 High

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

41.4%

JSON

Direct static code injection vulnerability in admincp/user_help.php in Headstart Solutions DeskPRO 3.0.2 allows remote authenticated users to inject arbitrary PHP code into an unspecified file via a new_entry value in the do parameter.

CPENameOperatorVersion
headstart_solutions:deskproheadstart solutions deskproeq3.0.2

CPE	Name	Operator	Version
headstart_solutions:deskpro	headstart solutions deskpro	eq	3.0.2

References

osvdb.org/46653

securityreason.com/securityalert/3029

www.securityfocus.com/archive/1/476454/100/0/threaded

7.6 High

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

41.4%

JSON

Related for CVE-2007-4413

prion1