Lucene search
HistoryJun 11, 2007 - 6:30 p.m.
CVE-2007-3141
cve-2007-3141
php
remote file inclusion
vulnerability
editor.php
phpwebthings 1.5.2
arbitrary code execution
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.055 Low
EPSS
Percentile
93.2%
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042.
Affected configurations
Node
phpwebthingsphpwebthingsMatch1.5.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpwebthings:phpwebthings | phpwebthings | eq | 1.5.2 |
Related
cvelist
cvelist
CVE-2007-3141
2007-06-11 18:00:00
CVE-2006-6042
2006-11-22 00:00:00
prion
prion
Remote file inclusion
2007-06-11 18:30:00
nvd
nvd
CVE-2007-3141
2007-06-11 18:30:00
CVE-2006-6042
2006-11-22 00:07:00
openvas
openvas
phpWebThings RFI Vulnerability - Active Check
2008-10-24 00:00:00
cve
cve
CVE-2006-6042
2006-11-22 00:07:00
nessus
nessus
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.055 Low
EPSS
Percentile
93.2%
Related for CVE-2007-3141