CVE

Id
23529  
CVE No.
CVE-2007-0172  
Status
Candidate  
Description
Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php.  
Phase
Assigned (20070110)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
227768 23529 CVE-2007-0172 MILW0RM:3093  View
227769 23529 CVE-2007-0172 URL:http://milw0rm.com/exploits/3093  View
227770 23529 CVE-2007-0172 BID:21918  View
227771 23529 CVE-2007-0172 URL:http://www.securityfocus.com/bid/21918  View
227772 23529 CVE-2007-0172 OSVDB:35915  View
227773 23529 CVE-2007-0172 URL:http://osvdb.org/35915  View
227774 23529 CVE-2007-0172 OSVDB:35916  View
227775 23529 CVE-2007-0172 URL:http://osvdb.org/35916  View
227776 23529 CVE-2007-0172 OSVDB:35917  View
227777 23529 CVE-2007-0172 URL:http://osvdb.org/35917  View
227778 23529 CVE-2007-0172 OSVDB:35919  View
227779 23529 CVE-2007-0172 URL:http://osvdb.org/35919  View
227780 23529 CVE-2007-0172 OSVDB:35921  View
227781 23529 CVE-2007-0172 URL:http://osvdb.org/35921  View
227782 23529 CVE-2007-0172 OSVDB:35923  View
227783 23529 CVE-2007-0172 URL:http://osvdb.org/35923  View
227784 23529 CVE-2007-0172 XF:allmyguests-multiple-file-include(31310)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
56237 JVNDB-2007-004929 Sina UC2006 の BRWOSSRE2UC.dll ActiveX コントロールにおけるバッファオーバーフローの脆弱性 Sina UC2006 の BRWOSSRE2UC.dll ActiveX コントロールには、バッファオーバーフローの脆弱性が存在します。 CVE-2007-0174 23529 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-004929.html  View