CVE-2007-4978

2007-09-1918:00:00

mitre

www.cve.org

AI Score

7.7

Confidence

Low

EPSS

0.045

Percentile

92.5%

JSON

Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.

References

osvdb.org/38260

osvdb.org/38261

www.securityfocus.com/bid/25701

exchange.xforce.ibmcloud.com/vulnerabilities/36665

www.exploit-db.com/exploits/4421