Lucene search

[email protected]CVE-2007-3525

HistoryJul 03, 2007 - 6:30 p.m.

CVE-2007-3525

2007-07-0318:30:00

[email protected]

web.nvd.nist.gov

ripe website manager

configuration information

remote attackers

phpinfo

cve-2007-3525

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

Ripe Website Manager 0.8.9 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

ripe_website_managerripe_website_managerRange≤0.8.9

CPENameOperatorVersion
ripe_website_manager:ripe_website_managerripe website managerle0.8.9

CPE	Name	Operator	Version
ripe_website_manager:ripe_website_manager	ripe website manager	le	0.8.9

References

osvdb.org/37801

secunia.com/advisories/25898

www.securityfocus.com/bid/24722

exchange.xforce.ibmcloud.com/vulnerabilities/35200

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for CVE-2007-3525

cvelist1 nvd1 prion1