CVE-2007-2167

2007-04-2219:00:00

mitre

www.cve.org

7.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.7%

JSON

Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.

References

secunia.com/advisories/24955

www.securityfocus.com/bid/23573

www.vupen.com/english/advisories/2007/1447

www.x-pose.org/aimstats.php

exchange.xforce.ibmcloud.com/vulnerabilities/33742

www.exploit-db.com/exploits/3762