Vulnerability Details CVE-2007-5600
Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.6%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2007-5600
-
cpe:2.3:a:artmedic_webdesign:artmedic_cms:*