Lucene search

K
cve[email protected]CVE-2007-5056
HistorySep 24, 2007 - 10:17 p.m.

CVE-2007-5056

2007-09-2422:17:00
CWE-94
web.nvd.nist.gov
36
cve
5056
eval injection
adodb lite
remote code execution
security vulnerability

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.702 High

EPSS

Percentile

98.0%

Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.

Affected configurations

NVD
Node
adodb_liteadodb_liteRange1.42
OR
cmsmadesimplecms_made_simple
OR
journalnessjournalness
OR
open-realtyopen-realty
OR
pacercmspacercms
OR
sapidsapid_cmf

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.702 High

EPSS

Percentile

98.0%

Related for CVE-2007-5056