7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.03 Low
EPSS
Percentile
90.8%
Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CPE | Name | Operator | Version |
---|---|---|---|
speedtech:stphplibrary | speedtech stphplibrary | eq | 0.8.0 |
osvdb.org/39073
osvdb.org/39074
osvdb.org/39075
osvdb.org/39076
osvdb.org/39077
osvdb.org/39078
osvdb.org/39079
osvdb.org/39080
osvdb.org/39081
osvdb.org/39082
osvdb.org/39083
osvdb.org/39084
osvdb.org/39085
osvdb.org/39086
osvdb.org/39087
osvdb.org/39088
osvdb.org/39089
osvdb.org/39090
osvdb.org/39091
osvdb.org/39092
osvdb.org/39093
osvdb.org/39094
osvdb.org/39095
osvdb.org/39096
osvdb.org/39097
osvdb.org/39098
osvdb.org/39099
osvdb.org/39100
osvdb.org/39101
osvdb.org/39102
osvdb.org/39103
osvdb.org/39104
osvdb.org/39105
secunia.com/advisories/26658
www.securityfocus.com/bid/25525
exchange.xforce.ibmcloud.com/vulnerabilities/36417
More