Lucene search
HistoryApr 09, 2007 - 8:19 p.m.
CVE-2007-1895
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.1
Percentile
95.0%
PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a my_ms[root] cookie, a different vector than CVE-2007-0491 and CVE-2006-4630.
Affected configurations
Node
sky_gunningmyspeachRange≤3.0.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sky_gunning | myspeach | * | cpe:2.3:a:sky_gunning:myspeach:*:*:*:*:*:*:*:* |
Related
prion
prion
Remote file inclusion
2007-04-09 20:19:00
Remote file inclusion
2007-01-25 00:28:00
cve
cve
cvelist
cvelist
nvd
nvd
CVE-2007-0491
2007-01-25 00:28:00
CVE-2006-4630
2006-09-08 20:04:00
securityvulns
securityvulns
exploitdb
exploitdb
MySpeach 3.0.2 - 'my_ms[root]' Remote File Inclusion
2006-09-05 00:00:00
MySpeach 3.0.7 - Local/Remote File Inclusion
2007-04-03 00:00:00
MySpeach 2.1b - 'up.php' Remote File Inclusion
2007-01-20 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.1
Percentile
95.0%
Related for NVD:CVE-2007-1895