CVE-2007-0115

Exploit

EPSS 0.74%
Veröffentlicht 09.01.2007 02:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be accessed using viewlog.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Coppermine ≫ Coppermine Photo Gallery Version <= 1.4.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.74%	0.719

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P

http://acid-root.new.fr/poc/19070104.txt

Exploit

http://osvdb.org/33383

http://securityreason.com/securityalert/2107

http://www.attrition.org/pipermail/vim/2007-January/001218.html

Exploit

http://www.securityfocus.com/archive/1/456051/100/0/threaded

https://nvd.nist.gov/vuln/detail/CVE-2007-0115

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0115

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0115

EUVD