Lucene search

[email protected]CVE-2007-6027

HistoryNov 20, 2007 - 1:46 a.m.

CVE-2007-6027

2007-11-2001:46:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-6027

php

remote file inclusion

joomla

security vulnerability

code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON

PHP remote file inclusion vulnerability in admin.jjgallery.php in the Carousel Flash Image Gallery (com_jjgallery) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Affected configurations

NVD

Node

justjoomlacarousel_flash_image_gallery

CPENameOperatorVersion
justjoomla:carousel_flash_image_galleryjustjoomla carousel flash image galleryeq*

CPE	Name	Operator	Version
justjoomla:carousel_flash_image_gallery	justjoomla carousel flash image gallery	eq	*

References

www.securityfocus.com/bid/26471

www.vupen.com/english/advisories/2007/3907

exchange.xforce.ibmcloud.com/vulnerabilities/38500

www.exploit-db.com/exploits/4626

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON

Related for CVE-2007-6027

prion1 cvelist1 nvd1