CVE-2007-3370

2007-06-2218:00:00

mitre

www.cve.org

7.7 High

AI Score

Confidence

Low

0.1 Low

EPSS

Percentile

95.0%

JSON

Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrary PHP code via a URL in (1) the sunPath parameter to include.php or (2) the dir parameter to skin/board/default/doctype.php.

References

osvdb.org/36281

osvdb.org/36282

www.securityfocus.com/bid/24588

www.vupen.com/english/advisories/2007/2307

exchange.xforce.ibmcloud.com/vulnerabilities/35006

www.exploit-db.com/exploits/4091