CVE-2007-2736

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-2736
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://osvdb.org/37919
http://www.securityfocus.com/bid/23992
https://exchange.xforce.ibmcloud.com/vulnerabilities/34305
https://www.exploit-db.com/exploits/3928
http://osvdb.org/37919
http://www.securityfocus.com/bid/23992
https://exchange.xforce.ibmcloud.com/vulnerabilities/34305
https://www.exploit-db.com/exploits/3928
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:apple:a_ux:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
cpe:2.3:a:achievo:achievo:1.1.0:*:*:*:*:*:*:*
History

21 Nov 2024, 00:31

Type Values Removed Values Added
References () http://osvdb.org/37919 - () http://osvdb.org/37919 -
References () http://www.securityfocus.com/bid/23992 - () http://www.securityfocus.com/bid/23992 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 -
References () https://www.exploit-db.com/exploits/3928 - () https://www.exploit-db.com/exploits/3928 -
Information

Published : 2007-05-17 19:30

Updated : 2025-04-09 00:30

NVD link : CVE-2007-2736

Mitre link : CVE-2007-2736

CVE.ORG link : CVE-2007-2736

JSON object : View

Products Affected

microsoft

  • windows_2003_server
  • windows_nt
  • windows_2000
  • windows_98
  • windows_xp
  • windows_95
  • windows_me
  • windows_98se

hp

  • tru64
  • hp-ux

windriver

  • bsdos

sun

  • solaris

apple

  • a_ux
  • mac_os_x

ibm

  • os2

achievo

  • achievo

linux

  • linux_kernel

santa_cruz_operation

  • sco_unix
CWE
NVD-CWE-Other