CVE-2007-2001 in Crea-Bookالمعلومات

الملخص

بحسب MITRE

Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" (background color) field and other unspecified fields, which injects into config.inc.php3.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

12/04/2007

إفشاء

12/04/2007

الاعتدال

تمت الموافقة

إدخال

VDB-36143

CPE

جاهز

CWE

CWE-94 (غير مؤكد)

استغلال

تحميل

CVSS

6.5 (NVD)

EPSS

0.05378

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-2001
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2001
CVE Details	https://www.cvedetails.com/cve/CVE-2007-2001/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!