Vulnerability Details CVE-2007-1382
The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.6%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2007-1382
-
cpe:2.3:a:php:com_extensions:-
-
cpe:2.3:o:microsoft:all_windows:abstract_cpe