Lucene search
K
IptelSerweb

4 matches found

CVE
CVE
added 2007/12/10 6:0 p.m.47 views

CVE-2007-6289

CVE-2007-6289 describes multiple PHP remote file inclusion vulnerabilities in SerWeb (versions 0.9.6 and later, and 2.0.0 dev1 and earlier). The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in parameters such as _SERWEB[configdir] to load_lang.php, _SERWEB[functionsdir...

6.8CVSS7.4AI score0.02016EPSS
CVE
CVE
added 2007/06/22 6:0 p.m.46 views

CVE-2007-3359

CVE-2007-3359 describes multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the _SERWEB[serwebdir] parameter to either html/load_apu.php or html/mail_prepend.php. The vulnerability ori...

6.8CVSS7.4AI score0.01335EPSS
Web
CVE
CVE
added 2007/06/22 6:0 p.m.45 views

CVE-2007-3358

The CVE-2007-3358 entry affects SerWeb 0.9.6 and earlier, with a PHP remote file inclusion vulnerability in html/load_lang.php. The underlying flaw is that the _SERWEB[serwebdir] parameter can be used to supply a URL, allowing an attacker to execute arbitrary PHP code remotely. Connected sources ...

6.8CVSS7.4AI score0.68011EPSS
Web
CVE
CVE
added 2007/12/10 6:0 p.m.44 views

CVE-2007-6290

SERWeb 2.0.0 dev1 and earlier are affected by directory traversal in js/get_js.php. The vulnerability allows remote attackers to read arbitrary files by supplying .. in the (1) mod and (2) js parameters, due to underlying path traversal. Documented impact is reading files; no exploitation status ...

5CVSS6.9AI score0.06539EPSS
Web