Vulnerability Details CVE-2007-3325
PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and CVE-2007-2205.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.313
EPSS Ranking 96.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/36194
- http://www.securityfocus.com/bid/24578
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
- https://www.exploit-db.com/exploits/4086
- http://osvdb.org/36194
- http://www.securityfocus.com/bid/24578
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
- https://www.exploit-db.com/exploits/4086
Products affected by CVE-2007-3325
-
cpe:2.3:a:lms:lan_management_system:*