Lucene search

[email protected]CVE-2007-4715

HistorySep 05, 2007 - 7:17 p.m.

CVE-2007-4715

2007-09-0519:17:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

php

remote file inclusion

weblogicnet

security vulnerability

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.089 Low

EPSS

Percentile

94.5%

JSON

Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allow remote attackers to execute arbitrary PHP code via a URL in the files_dir parameter in (1) es_desp.php, (2) es_custom_menu.php, and (3) es_offer.php.

CPENameOperatorVersion
weblogicnet:weblogicnetweblogicneteq*

CPE	Name	Operator	Version
weblogicnet:weblogicnet	weblogicnet	eq	*

References

osvdb.org/38423

osvdb.org/38424

osvdb.org/38425

securityreason.com/securityalert/3096

www.securityfocus.com/archive/1/478379/100/0/threaded

www.securityfocus.com/bid/25506

www.solpotcrew.org/adv/home_edition2001-adv-02.txt

www.vupen.com/english/advisories/2007/3089

exchange.xforce.ibmcloud.com/vulnerabilities/36409

www.exploit-db.com/exploits/4352

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.089 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2007-4715

prion1