Lucene search

MitreCVE-2007-4818

HistorySep 11, 2007 - 7:17 p.m.

CVE-2007-4818

2007-09-1119:17:00

CWE-94

mitre

web.nvd.nist.gov

cve-2007-4818

php

remote file inclusion

txx cms

vulnerability

execution

arbitrary code

url

doc_root parameter

addons

plugin

sidebar

mail

mailbox

modules

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.046

Percentile

92.7%

JSON

Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) addons/plugin.php, (2) addons/sidebar.php, (3) mail/index.php, or (4) mail/mailbox.php in modules/.

Affected configurations

Nvd

Node

txx_cmstxx_cmsMatch0.2

VendorProductVersionCPE
txx_cmstxx_cms0.2cpe:2.3:a:txx_cms:txx_cms:0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
txx_cms	txx_cms	0.2	cpe:2.3:a:txx_cms:txx_cms:0.2:::::::*

References

osvdb.org/38390

osvdb.org/38391

osvdb.org/38392

osvdb.org/38393

securityreason.com/securityalert/3116

www.securityfocus.com/archive/1/478870/100/0/threaded

www.securityfocus.com/bid/25597

exchange.xforce.ibmcloud.com/vulnerabilities/36511

www.exploit-db.com/exploits/4381

Social References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.046

Percentile

92.7%

JSON

Related for CVE-2007-4818