Lucene search
HistoryFeb 04, 2007 - 12:28 a.m.
CVE-2007-0704
cve-2007-0704
php
remote file inclusion
vulnerability
somery 0.4.6
execute
arbitrary
url
skindir parameter
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.4%
PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.
Affected configurations
Node
somerysomeryMatch0.4.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| somery:somery | somery | eq | 0.4.6 |
Related
prion
prion
Remote file inclusion
2007-02-04 00:28:00
cvelist
cvelist
CVE-2007-0704
2007-02-04 00:00:00
CVE-2006-4669
2006-09-09 00:00:00
nvd
nvd
CVE-2007-0704
2007-02-04 00:28:00
CVE-2006-4669
2006-09-09 00:04:00
securityvulns
securityvulns
cve
cve
CVE-2006-4669
2006-09-09 00:04:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.016 Low
EPSS
Percentile
87.4%
Related for CVE-2007-0704