Lucene search

[email protected]NVD:CVE-2007-1455

HistoryMar 14, 2007 - 6:19 p.m.

CVE-2007-1455

2007-03-1418:19:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.016

Percentile

87.4%

JSON

Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.

Affected configurations

Nvd

Node

cpanel-hostfantastico_de_luxe

VendorProductVersionCPE
cpanel-hostfantastico_de_luxe*cpe:2.3:a:cpanel-host:fantastico_de_luxe:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cpanel-host	fantastico_de_luxe	*	cpe:2.3:a:cpanel-host:fantastico_de_luxe::::::::

References

osvdb.org/35036

osvdb.org/35037

securityreason.com/securityalert/2420

www.securityfocus.com/archive/1/462562/100/0/threaded

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.016

Percentile

87.4%

JSON

Related for NVD:CVE-2007-1455

exploitdb1 cve1 cvelist1 prion1 securityvulns1