Lucene search

[email protected]NVD:CVE-2007-1423

HistoryMar 13, 2007 - 1:19 a.m.

CVE-2007-1423

2007-03-1301:19:00

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.066

Percentile

93.8%

JSON

Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.

Affected configurations

Nvd

Node

work_system_e-commercework_system_e-commerceMatch3.0.3

work_system_e-commercework_system_e-commerceMatch3.0.4

work_system_e-commercework_system_e-commerceMatch3.0.5

work_system_e-commercework_system_e-commerceMatch3.0.41

References

osvdb.org/33973

secunia.com/advisories/24476

www.securityfocus.com/bid/22908

www.vupen.com/english/advisories/2007/0903

www.exploit-db.com/exploits/3448

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.066

Percentile

93.8%

JSON

Related for NVD:CVE-2007-1423

cvelist1 cve1 prion1 securityvulns1