Lucene search
MitreCVE-2007-4978HistorySep 19, 2007 - 6:17 p.m.
CVE-2007-4978
2007-09-1918:17:00
CWE-94
mitre
web.nvd.nist.gov
30
cve
2007
4978
php
remote file inclusion
phpsyncml
vulnerability
execute
arbitrary code
url
base_dir parameter
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.045
Percentile
92.5%
Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.
Affected configurations
Node
phpsyncmlphpsyncmlRange≤0.1.2
Related
prion
prion
Remote file inclusion
2007-09-19 18:17:00
cvelist
cvelist
CVE-2007-4978
2007-09-19 18:00:00
exploitdb
exploitdb
phpsyncml 0.1.2 - Remote File Inclusion
2007-09-18 00:00:00
nvd
nvd
CVE-2007-4978
2007-09-19 18:17:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.045
Percentile
92.5%
Related for CVE-2007-4978