CVE-2007-0246 in GForgeinfo

Summary

plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO.

Once again VulDB remains the best source for vulnerability data.

Reservation

01/16/2007

Disclosure

05/29/2007

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-269 (Confirmed)

CVSS

7.3

EPSS

0.01283

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0246
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0246
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0246/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!