Lucene search

K
cve[email protected]CVE-2007-5056
HistorySep 24, 2007 - 10:17 p.m.

CVE-2007-5056

2007-09-2422:17:00
CWE-94
web.nvd.nist.gov
38
cve
5056
eval injection
adodb lite
remote code execution
security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.696 Medium

EPSS

Percentile

98.0%

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.

Affected configurations

NVD
Node
adodb_liteadodb_liteRange1.42
OR
cmsmadesimplecms_made_simple
OR
journalnessjournalness
OR
open-realtyopen-realty
OR
pacercmspacercms
OR
sapidsapid_cmf

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.696 Medium

EPSS

Percentile

98.0%

Related for CVE-2007-5056