Lucene search

[email protected]CVE-2007-5363

HistoryOct 11, 2007 - 1:17 a.m.

CVE-2007-5363

2007-10-1101:17:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-5363

php

remote file inclusion

admin.panoramic.php

panoramic picture viewer

joomla!

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

88.9%

JSON

PHP remote file inclusion vulnerability in admin.panoramic.php in the Panoramic Picture Viewer (com_panoramic) mambot (plugin) 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

joomlajoomla

webmaster-tipspanoramic_picture_viewerMatch1.0

CPENameOperatorVersion
joomla:joomlajoomlaeq*
webmaster-tips:panoramic_picture_viewerwebmaster-tips panoramic picture viewereq1.0

CPE	Name	Operator	Version
joomla:joomla	joomla	eq	*
webmaster-tips:panoramic_picture_viewer	webmaster-tips panoramic picture viewer	eq	1.0

References

osvdb.org/38585

www.securityfocus.com/bid/25946

www.vupen.com/english/advisories/2007/3428

exchange.xforce.ibmcloud.com/vulnerabilities/36992

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2007-5363

cvelist1 nvd1 canvas1 prion1 nessus1