CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-4170

Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) include parameter to (a) Main.php and (b) get.php and the (2) exec parameter to (c) count.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://securityreason.com/securityalert/2964
http://www.securityfocus.com/archive/1/475646/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35818
http://securityreason.com/securityalert/2964
http://www.securityfocus.com/archive/1/475646/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35818

Products affected by CVE-2007-4170

Al-Athkar » Al-Athkar » Version: 2.0

cpe:2.3:a:al-athkar:al-athkar:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4170

Products

Pricing

Contact Us