Lucene search

PRIOn knowledge basePRION:CVE-2007-1423

HistoryMar 13, 2007 - 1:19 a.m.

Remote file inclusion

2007-03-1301:19:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.6%

JSON

Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.

CPENameOperatorVersion
work_system_e-commerceeq3.0.41
work_system_e-commerceeq3.0.3
work_system_e-commerceeq3.0.5
work_system_e-commerceeq3.0.4

Name	Operator	Version
work_system_e-commerce	eq	3.0.41
work_system_e-commerce	eq	3.0.3
work_system_e-commerce	eq	3.0.5
work_system_e-commerce	eq	3.0.4

References

osvdb.org/33973

secunia.com/advisories/24476

www.securityfocus.com/bid/22908

www.vupen.com/english/advisories/2007/0903

www.exploit-db.com/exploits/3448

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.6%

JSON

Related for PRION:CVE-2007-1423