NVD

Id
54168  
Name
CVE-2007-1998  
Description
Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-04-12  
Modified Date
2011-03-07  
Seq
2007-1998  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
274693 54168 CVE-2007-1998 3697  View
274694 54168 CVE-2007-1998 ADV-2007-1333  View
274695 54168 CVE-2007-1998 hgb-gb-command-execution(33540)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
54988 JVNDB-2007-003680 HGB における任意の PHP コードを挿入される脆弱性 HIOX Guest Book (HGB) は、直接静的コードを挿入されることにより、任意の PHP コードを挿入される脆弱性が存在します。 CVE-2007-1998 25353 CVE-2007-1998 54168 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003680.html 2007-04-12 2012-09-25 View