7.5
CVE-2007-0683
- EPSS 4.75%
- Veröffentlicht 03.02.2007 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginPHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta1
Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta2
Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta3
Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.75% | 0.907 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://marc.info/?l=bugtraq&m=117036933022782&w=2
http://www.securityfocus.com/archive/1/458825/100/0/threaded
http://www.securityfocus.com/bid/22355
http://www.vupen.com/english/advisories/2007/0445
http://www.xoron.info/bugs/omegaboard-html.txt
http://www.xoron.info/bugs/omegaboard-perl.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/32057
https://www.exploit-db.com/exploits/3242