CVE-2007-2001 in Crea-Bookinfo

Zusammenfassung

von MITRE

Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" (background color) field and other unspecified fields, which injects into config.inc.php3.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

12.04.2007

Veröffentlichung

12.04.2007

Moderieren

akzeptiert

Eintrag

VDB-36143

CPE

bereit

CWE

CWE-94 (unbestätigt)

Exploit

Download

CVSS

6.5 (NVD)

EPSS

0.05378

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-2001
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2001
CVE Details	https://www.cvedetails.com/cve/CVE-2007-2001/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!