Lucene search

[email protected]CVE-2007-6089

HistoryNov 22, 2007 - 12:46 a.m.

CVE-2007-6089

2007-11-2200:46:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2007

6089

php

remote file inclusion

mebiblio

vulnerability

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.087 Low

EPSS

Percentile

94.6%

JSON

PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.

Affected configurations

NVD

Node

mebibliomebiblioMatch0.4.5

CPENameOperatorVersion
mebiblio:mebibliomebiblioeq0.4.5

CPE	Name	Operator	Version
mebiblio:mebiblio	mebiblio	eq	0.4.5

References

osvdb.org/38743

secunia.com/advisories/27722

www.securityfocus.com/bid/26480

www.vupen.com/english/advisories/2007/3909

exchange.xforce.ibmcloud.com/vulnerabilities/38540

www.exploit-db.com/exploits/4630

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.087 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2007-6089

nvd1 cvelist1 prion1