7.5
CVE-2007-6179
- EPSS 7.79%
- Veröffentlicht 30.11.2007 00:46:00
- Zuletzt bearbeitet 16.06.2026 22:47:33
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the ccms_library_path parameter to (1) markdown.php and (2) gallery.php in decoder/.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Kinson Chan Charray ≫ Cms Version0.9.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.79% | 0.939 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://osvdb.org/38912
http://osvdb.org/38913
http://secunia.com/advisories/27854
http://www.securityfocus.com/bid/26619
https://exchange.xforce.ibmcloud.com/vulnerabilities/38678
https://www.exploit-db.com/exploits/4672