ID OSVDB:33737Type osvdbReporter OSVDBModified 2007-02-16T03:54:06
Description
No description provided by the source
References:
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-02/0301.html
Mail List Post: http://attrition.org/pipermail/vim/2007-February/001356.html
CVE-2007-1052
{"href": "https://vulners.com/osvdb/OSVDB:33737", "id": "OSVDB:33737", "reporter": "OSVDB", "published": "2007-02-16T03:54:06", "description": "# No description provided by the source\n\n## References:\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-02/0301.html\nMail List Post: http://attrition.org/pipermail/vim/2007-February/001356.html\n[CVE-2007-1052](https://vulners.com/cve/CVE-2007-1052)\n", "title": "PBLang index.php dbpath Variable Remote File Inclusion", "lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "type": "osvdb", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "references": [], "edition": 1, "cvelist": ["CVE-2007-1052"], "affectedSoftware": [], "viewCount": 0, "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2017-04-28T13:20:30", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-1052"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7255"]}], "modified": "2017-04-28T13:20:30", "rev": 2}, "vulnersScore": 6.2}, "modified": "2007-02-16T03:54:06"}
{"cve": [{"lastseen": "2021-02-02T05:31:21", "description": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a reliable third party for 4.65, stating that the dbpath variable is initialized in an included file that is created upon installation.", "edition": 6, "cvss3": {}, "published": "2007-02-21T23:28:00", "title": "CVE-2007-1052", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-1052"], "modified": "2018-10-16T16:36:00", "cpe": ["cpe:/a:pblang:pblang:4.60"], "id": "CVE-2007-1052", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1052", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:pblang:pblang:4.60:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "cvelist": ["CVE-2007-1045", "CVE-2007-1043", "CVE-2007-0982", "CVE-2007-1048", "CVE-2007-0979", "CVE-2007-1052", "CVE-2007-1198", "CVE-2007-0974", "CVE-2007-0975"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2007-02-18T00:00:00", "published": "2007-02-18T00:00:00", "id": "SECURITYVULNS:VULN:7255", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7255", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
