CVE

Id
24343  
CVE No.
CVE-2007-0986  
Status
Candidate  
Description
PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later is used, allows remote attackers to execute arbitrary PHP code via an ftp URL in the n parameter.  
Phase
Assigned (20070216)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
239227 24343 CVE-2007-0986 BUGTRAQ:20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities  View
239228 24343 CVE-2007-0986 URL:http://www.securityfocus.com/archive/1/archive/1/460076/100/0/threaded  View
239229 24343 CVE-2007-0986 BUGTRAQ:20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities  View
239230 24343 CVE-2007-0986 URL:http://www.securityfocus.com/archive/1/archive/1/460100/100/0/threaded  View
239231 24343 CVE-2007-0986 MISC:http://mgsdl.free.fr/advisories/12070214.txt  View
239232 24343 CVE-2007-0986 MISC:http://www.acid-root.new.fr/advisories/12070214.txt  View
239233 24343 CVE-2007-0986 MILW0RM:3309  View
239234 24343 CVE-2007-0986 URL:http://milw0rm.com/exploits/3309  View
239235 24343 CVE-2007-0986 BID:22560  View
239236 24343 CVE-2007-0986 URL:http://www.securityfocus.com/bid/22560  View
239237 24343 CVE-2007-0986 OSVDB:33730  View
239238 24343 CVE-2007-0986 URL:http://osvdb.org/33730  View
239239 24343 CVE-2007-0986 XF:jupitercm-index-n-file-include(32519)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
51507 JVNDB-2007-000169 PHP の zend_hash_init() 関数におけるサービス運用妨害 (DoS) の脆弱性 PHP の zend_hash_init() 関数には、64-bit プラットフォーム上で動作している際に、シリアル化されていない不正なデータを扱うことで無限ループが発生し、CPU リソースを消費してしまう問題が存在します。 CVE-2007-0988 24343 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000169.html  View