Lucene search

PRIOn knowledge basePRION:CVE-2007-0172

HistoryJan 11, 2007 - 12:28 a.m.

Remote file inclusion

2007-01-1100:28:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.201 Low

EPSS

Percentile

96.2%

JSON

Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php.

CPENameOperatorVersion
allmyguestsle0.3

CPE	Name	Operator	Version
	allmyguests	le	0.3

References

osvdb.org/35915

osvdb.org/35916

osvdb.org/35917

osvdb.org/35919

osvdb.org/35921

osvdb.org/35923

www.securityfocus.com/bid/21918

exchange.xforce.ibmcloud.com/vulnerabilities/31310

www.exploit-db.com/exploits/3093

8.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.201 Low

EPSS

Percentile

96.2%

JSON

Related for PRION:CVE-2007-0172