6.8

CVE-2007-5223

EPSS 0.97%
Veröffentlicht 05.10.2007 00:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Alstrasoft ≫ Affiliate Network Pro Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.97%	0.746

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://osvdb.org/42342

http://osvdb.org/42343

http://osvdb.org/42344

http://securityreason.com/securityalert/3191

http://www.securityfocus.com/archive/1/481206/100/0/threaded

http://www.securityfocus.com/bid/25882

http://www.vupen.com/english/advisories/2007/3344

https://nvd.nist.gov/vuln/detail/CVE-2007-5223

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-5223

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-5223

EUVD