NVD

Id
57015  
Name
CVE-2007-4925  
Description
The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment Client (ePC) 1.60 and 1.70 allows remote attackers to execute arbitrary commands via shell metacharacters in the paymentinfo parameter to simplePHPLinux/3payment_receive.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-09-18  
Modified Date
2013-09-13  
Seq
2007-4925  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
291032 57015 CVE-2007-4925 http://www.fortconsult.net/images/pdf/advisory_feb2007.pdf  View
291033 57015 CVE-2007-4925 25683  View
291034 57015 CVE-2007-4925 ADV-2007-3183  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53946 JVNDB-2007-002638 ePC の ewirepcfunctions.php の ewirePC_Decrypt 関数における任意のコマンドを実行される脆弱性 eWire Payment Client (ePC) の ewirepcfunctions.php の ewirePC_Decrypt 関数には、任意のコマンドを実行される脆弱性が存在します。 CVE-2007-4925 28280 CVE-2007-4925 57015 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002638.html 2007-09-18 2012-06-26 View