CVE

Id
24803  
CVE No.
CVE-2007-1446  
Status
Candidate  
Description
Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1beta allow remote attackers to execute arbitrary PHP code via a URL in the CONF_INCLUDE_PATH parameter to (1) lib-account.inc.php, (2) lib-file.inc.php, (3) lib-group.inc.php, (4) lib-log.inc.php, (5) lib-mydb.inc.php, (6) lib-template-mod.inc.php, and (7) lib-themes.inc.php in includes/.  
Phase
Assigned (20070313)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
245593 24803 CVE-2007-1446 BUGTRAQ:20070313 [ECHO_ADV_69$2007] OES (Open Educational System) 0.1beta Remote File Inclusion Vulnerability  View
245594 24803 CVE-2007-1446 URL:http://www.securityfocus.com/archive/1/archive/1/462670/100/0/threaded  View
245595 24803 CVE-2007-1446 MISC:http://advisories.echo.or.id/adv/adv69-K-159-2007.txt  View
245596 24803 CVE-2007-1446 BID:22934  View
245597 24803 CVE-2007-1446 URL:http://www.securityfocus.com/bid/22934  View
245598 24803 CVE-2007-1446 VUPEN:ADV-2007-0920  View
245599 24803 CVE-2007-1446 URL:http://www.vupen.com/english/advisories/2007/0920  View
245600 24803 CVE-2007-1446 SREASON:2421  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53005 JVNDB-2007-001697 CA BrightStor ARCserve Backup の Tape Engine におけるサービス運用妨害 (DoS) の脆弱性 Computer Associates (CA) BrightStor ARCserve Backup の Tape Engine には、サービス運用妨害 (インターフェース使用不能) 状態となる脆弱性が存在します。 CVE-2007-1448 24803 2.1 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001697.html  View