CVE-2007-5223

EPSS 0.97%
Published 05.10.2007 00:17:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Alstrasoft ≫ Affiliate Network Pro Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.97%	0.746

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://osvdb.org/42342

http://osvdb.org/42343

http://osvdb.org/42344

http://securityreason.com/securityalert/3191

http://www.securityfocus.com/archive/1/481206/100/0/threaded

http://www.securityfocus.com/bid/25882

http://www.vupen.com/english/advisories/2007/3344

https://nvd.nist.gov/vuln/detail/CVE-2007-5223

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-5223

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-5223

EUVD