Lucene search

[email protected]NVD:CVE-2007-6615

HistoryJan 03, 2008 - 11:46 p.m.

CVE-2007-6615

2008-01-0323:46:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

High

EPSS

0.007

Percentile

80.4%

JSON

Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter.

Affected configurations

Nvd

Node

agares_mediaphpautovideoMatch2.21

VendorProductVersionCPE
agares_mediaphpautovideo2.21cpe:2.3:a:agares_media:phpautovideo:2.21:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
agares_media	phpautovideo	2.21	cpe:2.3:a:agares_media:phpautovideo:2.21:::::::*

References

forums.agaresmedia.com/viewtopic.php?f=13&t=407

osvdb.org/39618

secunia.com/advisories/28230

www.securityfocus.com/bid/27023

www.vupen.com/english/advisories/2007/4319

www.exploit-db.com/exploits/4782

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

High

EPSS

0.007

Percentile

80.4%

JSON

Related for NVD:CVE-2007-6615

cve1 prion1 cvelist1 exploitdb1