CVE-2007-5600

2007-10-1923:00:00

mitre

www.cve.org

7.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.6%

JSON

Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.

References

www.exploit-db.com/exploits/4538