CVE-2007-0683

EPSS 16.79%
Veröffentlicht 03.02.2007 01:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta1

Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta2

Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta3

Omegaboard Project ≫ Omegaboard Version1.0 Updatebeta4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	16.79%	0.947

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://marc.info/?l=bugtraq&m=117036933022782&w=2

Third Party Advisory

http://www.securityfocus.com/archive/1/458825/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/22355

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2007/0445

Not Applicable

http://www.xoron.info/bugs/omegaboard-html.txt

Broken Link