Lucene search

PRIOn knowledge basePRION:CVE-2007-5216

HistoryOct 04, 2007 - 11:17 p.m.

Remote file inclusion

2007-10-0423:17:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON

Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the cfg_vcard_path parameter to src/vcard_inc.php or (2) the cfg_phpmailer_path parameter to src/email_inc.php. NOTE: the ark_inc.php vector is already covered by CVE-2006-6086.

CPENameOperatorVersion
e-arkeq1.0

CPE	Name	Operator	Version
	e-ark	eq	1.0

References

arfis.wordpress.com/2007/09/13/rfi-02-eark/

osvdb.org/38553

osvdb.org/38554

7.9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON

Related for PRION:CVE-2007-5216

cve2