6.8
CVE-2007-2003
- EPSS 2.01%
- Veröffentlicht 12.04.2007 19:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:43
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginInoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Inoutmailinglistmanager ≫ Inoutmailinglistmanager Version <= 3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.01% | 0.783 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
https://www.exploit-db.com/exploits/3702
http://secunia.com/advisories/24842
http://www.vupen.com/english/advisories/2007/1345