CVE-2007-5440 in CRS Manager
摘要 (英语)
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in CRS Manager allow remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter to (1) index.php or (2) login.php. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
预定
2007-10-14
披露
2007-10-14
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 39247 | CRS Manager index.php 权限提升 | 20 | 概念验证 | 未定义 | CVE-2007-5440 |