CVE

Id
25429  
CVE No.
CVE-2007-2072  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disputed by third party researchers for 0.3, stating that the dir variable is properly initialized before use.  
Phase
Assigned (20070417)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
253762 25429 CVE-2007-2072 BUGTRAQ:20070416 Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit  View
253763 25429 CVE-2007-2072 URL:http://www.securityfocus.com/archive/1/archive/1/465897/100/0/threaded  View
253764 25429 CVE-2007-2072 VIM:20070417 Not Quite: Ivan Gallery Script V.0.1 (index.php) Remote File Include Exploit  View
253765 25429 CVE-2007-2072 URL:http://attrition.org/pipermail/vim/2007-April/001534.html  View
253766 25429 CVE-2007-2072 BID:23519  View
253767 25429 CVE-2007-2072 URL:http://www.securityfocus.com/bid/23519  View
253768 25429 CVE-2007-2072 OSVDB:35395  View
253769 25429 CVE-2007-2072 URL:http://osvdb.org/35395  View
253770 25429 CVE-2007-2072 SREASON:2580  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
56729 JVNDB-2007-005421 ScramDisk 4 Linux のコンテナ内の特定のプログラムにおける権限を取得される脆弱性 ScramDisk 4 Linux のコンテナ内の特定のプログラムは、SUID パーミッションで実行するため、権限を取得される脆弱性が存在します。 CVE-2007-2074 25429 4.6 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005421.html  View