Lucene search

MitreCVE-2007-1699

HistoryMar 27, 2007 - 1:19 a.m.

CVE-2007-1699

2007-03-2701:19:00

mitre

web.nvd.nist.gov

cve-2007-1699

php

remote file inclusion

swmenu

mambo

joomla

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.129

Percentile

95.5%

JSON

Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to ImageManager/Classes/ImageManager.php under the (1) components/ or (2) administrator/components/ directory trees.

Affected configurations

Nvd

Node

joomlaswmenu_componentMatch4.0

mamboswmenu_componentMatch4.0

VendorProductVersionCPE
joomlaswmenu_component4.0cpe:2.3:a:joomla:swmenu_component:4.0:*:*:*:*:*:*:*
mamboswmenu_component4.0cpe:2.3:a:mambo:swmenu_component:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
joomla	swmenu_component	4.0	cpe:2.3:a:joomla:swmenu_component:4.0:::::::*
mambo	swmenu_component	4.0	cpe:2.3:a:mambo:swmenu_component:4.0:::::::*

References

osvdb.org/38790

osvdb.org/38791

www.securityfocus.com/bid/23116

www.vupen.com/english/advisories/2007/1100

exchange.xforce.ibmcloud.com/vulnerabilities/33204

www.exploit-db.com/exploits/3557

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.129

Percentile

95.5%

JSON

Related for CVE-2007-1699