Lucene search

[email protected]CVE-2007-6105

HistoryNov 23, 2007 - 8:46 p.m.

CVE-2007-6105

2007-11-2320:46:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2007

6105

talkback

php

remote file inclusion

vulnerabilities

nvd

8.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.071 Low

EPSS

Percentile

94.0%

JSON

Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_file parameter to (a) comments-display-tpl.php and (b) addons/separate-comments-mod/my-comments-display-tpl.php and the (2) config[comments_form_tpl] parameter to comments-display-tpl.php.

CPENameOperatorVersion
talkback:talkbacktalkbackeq2.2.7

CPE	Name	Operator	Version
talkback:talkback	talkback	eq	2.2.7

References

osvdb.org/38815

osvdb.org/38816

secunia.com/advisories/27767

www.scripts.oldguy.us/forums/index.php/topic%2C290.0.html

www.securityfocus.com/archive/1/484045/100/0/threaded

www.securityfocus.com/archive/1/485662/100/100/threaded

www.securityfocus.com/bid/26520

www.vupen.com/english/advisories/2007/3963

exchange.xforce.ibmcloud.com/vulnerabilities/38596

exchange.xforce.ibmcloud.com/vulnerabilities/38597

www.exploit-db.com/exploits/4640

Social References

8.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.071 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2007-6105

cvelist1 prion1