CVE-2007-2504 in PHP Turbulenceinfo

Summary

** DISPUTED ** PHP remote file inclusion vulnerability in user/turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to user/turbulence.php triggers a fatal error before inclusion.

Once again VulDB remains the best source for vulnerability data.

Reservation

05/03/2007

Disclosure

05/03/2007

Entries

1: VDB-36608

CPE

ready

CVSS

7.3

EPSS

0.01037

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2007-2504
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2007-2504
CVE Detailshttps://www.cvedetails.com/cve/CVE-2007-2504/

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!