Vulnerability Details CVE-2007-1416
PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute arbitrary PHP code via a URL in the formurl parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/33982
- http://secunia.com/advisories/24340
- http://securityreason.com/securityalert/2415
- http://www.securityfocus.com/archive/1/462310/100/0/threaded
- http://www.securityfocus.com/archive/1/463523/100/0/threaded
- http://www.securityfocus.com/bid/22894
- http://www.vupen.com/english/advisories/2007/0902
- http://osvdb.org/33982
- http://secunia.com/advisories/24340
- http://securityreason.com/securityalert/2415
- http://www.securityfocus.com/archive/1/462310/100/0/threaded
- http://www.securityfocus.com/archive/1/463523/100/0/threaded
- http://www.securityfocus.com/bid/22894
- http://www.vupen.com/english/advisories/2007/0902