CVE

Id
27474  
CVE No.
CVE-2007-4117  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disputed by a reliable third party, who demonstrates that PN_PathPrefix is defined before use.  
Phase
Assigned (20070801)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
282581 27474 CVE-2007-4117 BUGTRAQ:20070730 phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability  View
282582 27474 CVE-2007-4117 URL:http://www.securityfocus.com/archive/1/archive/1/475095/100/0/threaded  View
282583 27474 CVE-2007-4117 VIM:20070731 WTF: phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability  View
282584 27474 CVE-2007-4117 URL:http://www.attrition.org/pipermail/vim/2007-July/001744.html  View
282585 27474 CVE-2007-4117 SREASON:2940  View
282586 27474 CVE-2007-4117 URL:http://securityreason.com/securityalert/2940  View
282587 27474 CVE-2007-4117 XF:phpwebfilemanager-index-file-include(35690)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53763 JVNDB-2007-002455 Berthanas Ziyaretci Defteri 2.0 の yonetici.asp における SQL インジェクションの脆弱性 Berthanas Ziyaretci Defteri 2.0 の yonetici.asp には、SQL インジェクションの脆弱性が存在します。 CVE-2007-4119 27474 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002455.html  View