CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-5453

Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _options table, which is used in an eval function call by (1) admin.php, (2) click.php, (3) download.php, and unspecified other files, as demonstrated by modifying _options through a backup restore action in admin.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.045

EPSS Ranking 88.6%

CVSS Severity

CVSS v2 Score 8.5

References

http://osvdb.org/43480
http://www.securityfocus.com/bid/26022
https://www.exploit-db.com/exploits/4513
http://osvdb.org/43480
http://www.securityfocus.com/bid/26022
https://www.exploit-db.com/exploits/4513

Products affected by CVE-2007-5453

Php-Stats » Php-Stats » Version: 0.1.9.2

cpe:2.3:a:php-stats:php-stats:0.1.9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-5453

Products

Pricing

Contact Us