Lucene search

[email protected]CVE-2007-5149

HistoryOct 01, 2007 - 5:17 a.m.

CVE-2007-5149

2007-10-0105:17:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-5149

php

remote file inclusion

newscms

north country public radio

public media manager

pmm 1.3

vulnerability

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.214 Low

EPSS

Percentile

96.5%

JSON

PHP remote file inclusion vulnerability in NewsCMS/news/newstopic_inc.php in North Country Public Radio Public Media Manager (PMM) 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the indir parameter.

Affected configurations

NVD

Node

north_country_public_radiopublic_media_managerMatch1.3

CPENameOperatorVersion
north_country_public_radio:public_media_managernorth country public radio public media managereq1.3

CPE	Name	Operator	Version
north_country_public_radio:public_media_manager	north country public radio public media manager	eq	1.3

References

arfis.wordpress.com/2007/09/14/rfi-02-public-media-manager/

osvdb.org/37399

secunia.com/advisories/27020

www.securityfocus.com/archive/1/481073/100/0/threaded

www.securityfocus.com/bid/25860

www.vupen.com/english/advisories/2007/3310

exchange.xforce.ibmcloud.com/vulnerabilities/36866

www.exploit-db.com/exploits/4465

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.214 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-5149

prion1 nvd1 cvelist1