CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-0862

PHP remote file inclusion vulnerability in index.php in gnopaste 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the GNP_REAL_PATH parameter. NOTE: CVE and a third party dispute this issue, since GNP_REAL_PATH is a constant, not a variable

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.9%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.securityfocus.com/archive/1/458460/100/100/threaded
http://www.securityfocus.com/archive/1/458559/100/100/threaded
http://www.securityfocus.com/archive/1/458460/100/100/threaded
http://www.securityfocus.com/archive/1/458559/100/100/threaded

Products affected by CVE-2007-0862

Gnopaste » Gnopaste » Version: Any

cpe:2.3:a:gnopaste:gnopaste:*
Gnopaste » Gnopaste » Version: 0.5.2

cpe:2.3:a:gnopaste:gnopaste:0.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0862

Products

Pricing

Contact Us