CVE-2007-1416

Опубликовано: 12 мар. 2007

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute arbitrary PHP code via a URL in the formurl parameter.

Ссылки

http://osvdb.org/33982
http://secunia.com/advisories/24340
http://securityreason.com/securityalert/2415
http://www.securityfocus.com/archive/1/462310/100/0/threaded
http://www.securityfocus.com/archive/1/463523/100/0/threaded
http://www.securityfocus.com/bid/22894
Exploit
http://www.vupen.com/english/advisories/2007/0902
http://osvdb.org/33982
http://secunia.com/advisories/24340
http://securityreason.com/securityalert/2415
http://www.securityfocus.com/archive/1/462310/100/0/threaded
http://www.securityfocus.com/archive/1/463523/100/0/threaded
http://www.securityfocus.com/bid/22894
Exploit
http://www.vupen.com/english/advisories/2007/0902

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jccorp:urlshrink:1.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02156

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-mfp2-48j3-hvqc

github

почти 4 года назад