CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-2859

Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibly other PHP scripts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/38101
http://osvdb.org/38102
http://osvdb.org/38103
http://osvdb.org/38104
http://osvdb.org/38105
http://osvdb.org/38106
http://osvdb.org/38107
http://osvdb.org/38108
http://securityreason.com/securityalert/2735
http://www.attrition.org/pipermail/vim/2007-May/001626.html
http://www.securityfocus.com/archive/1/469219/100/0/threaded
http://www.xmors-seurity.com/advisory/SimpGB%28rfi%29.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/34428
http://osvdb.org/38101
http://osvdb.org/38102
http://osvdb.org/38103
http://osvdb.org/38104
http://osvdb.org/38105
http://osvdb.org/38106
http://osvdb.org/38107
http://osvdb.org/38108
http://securityreason.com/securityalert/2735
http://www.attrition.org/pipermail/vim/2007-May/001626.html
http://www.securityfocus.com/archive/1/469219/100/0/threaded
http://www.xmors-seurity.com/advisory/SimpGB%28rfi%29.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/34428

Products affected by CVE-2007-2859

Simpgb » Simpgb » Version: 1.46.0

cpe:2.3:a:simpgb:simpgb:1.46.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2859

Products

Pricing

Contact Us