CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-1631

PHP remote file inclusion vulnerability in signup.php in CLBOX 1.01 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: this issue has been disputed by a reliable third party, stating that header is defined through an include file before use

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.1%

CVSS Severity

CVSS v2 Score 10.0

References

http://securityreason.com/securityalert/2469
http://www.attrition.org/pipermail/vim/2007-March/001443.html
http://www.osvdb.org/33503
http://www.securityfocus.com/archive/1/463076/100/0/threaded
http://securityreason.com/securityalert/2469
http://www.attrition.org/pipermail/vim/2007-March/001443.html
http://www.osvdb.org/33503
http://www.securityfocus.com/archive/1/463076/100/0/threaded

Products affected by CVE-2007-1631

Clbox » Clbox » Version: 1.01

cpe:2.3:a:clbox:clbox:1.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1631

Products

Pricing

Contact Us