CVE-2007-2307

2007-04-2621:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.096 Low

EPSS

Percentile

94.8%

JSON

PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter.

References

osvdb.org/35747

www.securityfocus.com/bid/23451

www.vupen.com/english/advisories/2007/1385

exchange.xforce.ibmcloud.com/vulnerabilities/33598

www.exploit-db.com/exploits/3717