Lucene search

[email protected]CVE-2007-6177

HistoryNov 30, 2007 - 12:46 a.m.

CVE-2007-6177

2007-11-3000:46:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-6177

php

remote file inclusion

vulnerability

exchange

include.php

webappcfg

apppath

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.072 Low

EPSS

Percentile

94.0%

JSON

PHP remote file inclusion vulnerability in Exchange/include.php in PHP_CON 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the webappcfg[APPPATH] parameter.

Affected configurations

NVD

Node

php_conphp_conMatch1.3

CPENameOperatorVersion
php_con:php_conphp coneq1.3

CPE	Name	Operator	Version
php_con:php_con	php con	eq	1.3

References

osvdb.org/38915

secunia.com/advisories/27852

www.securityfocus.com/bid/26622

exchange.xforce.ibmcloud.com/vulnerabilities/38679

www.exploit-db.com/exploits/4670

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.072 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2007-6177

prion1 cvelist1 nvd1