CVE-2007-5258

Loading...

General

Score:7.5/10.0
Severity:High
Category:Input Validation Error
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 06/10/07 - Updated on 15/11/08

Description

PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers to include and execute arbitrary files via unspecified vectors. NOTE: the original disclosure is likely erroneous.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2007-5258

Exploits

SecurityFocusBID-25873

Relative technologies

VendorProduct
phpfreelogphpfreelog

Share this vulnerability with:

Twitter Facebook LinkedIn Mail