CVE-2007-6174

Опубликовано: 30 нояб. 2007

Источник: nvd

CVSS2: 8.5

EPSS Низкий

Описание

PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information.

Ссылки

http://secunia.com/advisories/27828
Patch
Vendor Advisory
http://www.phpdevshell.org/changelog
http://www.securityfocus.com/bid/26615
https://exchange.xforce.ibmcloud.com/vulnerabilities/38736
http://secunia.com/advisories/27828
Patch
Vendor Advisory
http://www.phpdevshell.org/changelog
http://www.securityfocus.com/bid/26615
https://exchange.xforce.ibmcloud.com/vulnerabilities/38736

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpdevshell:phpdevshell:*:*:*:*:*:*:*:*

Версия до 0.6.0 (включая)

EPSS

Процентиль: 69%

0.0061

Низкий

8.5 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-wwj2-hpx3-j824

github

почти 4 года назад