Lucene search

[email protected]CVE-2007-4757

HistorySep 08, 2007 - 10:17 a.m.

CVE-2007-4757

2007-09-0810:17:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-4757

php

remote file inclusion

menu.php

phpmytourney

url

vulnerability

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.3%

JSON

PHP remote file inclusion vulnerability in menu.php in phpMytourney allows remote attackers to execute arbitrary PHP code via a URL in the functions_file parameter.

CPENameOperatorVersion
phpmytourney:phpmytourneyphpmytourneyeq*

CPE	Name	Operator	Version
phpmytourney:phpmytourney	phpmytourney	eq	*

References

osvdb.org/38331

www.securityfocus.com/bid/25579

www.vupen.com/english/advisories/2007/3112

exchange.xforce.ibmcloud.com/vulnerabilities/36495

www.exploit-db.com/exploits/4368

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2007-4757

canvas1 prion1