Lucene search

[email protected]CVE-2007-5800

HistoryNov 03, 2007 - 12:46 a.m.

CVE-2007-5800

2007-11-0300:46:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-5800

php

remote file inclusion

vulnerability

backupwordpress

wordpress

nvd

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.114 Low

EPSS

Percentile

95.1%

JSON

Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4) Reader.php, and other unspecified scripts under plugins/BackUp/Archive/.

CPENameOperatorVersion
tom_willmot:backupwordpress_plugintom willmot backupwordpress pluginle0.4.2b

CPE	Name	Operator	Version
tom_willmot:backupwordpress_plugin	tom willmot backupwordpress plugin	le	0.4.2b

References

osvdb.org/38476

osvdb.org/38477

osvdb.org/38478

osvdb.org/38479

wordpress.designpraxis.at/2007/11/01/backupwordpress-security-release/

wordpress.designpraxis.at/2007/11/01/security-vulnerability-in-backupwordpress/

www.securityfocus.com/bid/26290

www.vupen.com/english/advisories/2007/3744

exchange.xforce.ibmcloud.com/vulnerabilities/38212

www.exploit-db.com/exploits/4593

Social References

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.114 Low

EPSS

Percentile

95.1%

JSON

Related for CVE-2007-5800

patchstack1 prion1 canvas1