Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4170

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-4170
Last Modified 05 Sep 2008 05:27:35
Published 07 Aug 2007 06:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4170

Summary

Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) include parameter to (a) Main.php and (b) get.php and the (2) exec parameter to (c) count.php.

Vulnerable Systems

Application

  • Al-athkar 2.0


References

BUGTRAQ - 20070804 AL-Athkar.v2.0 Remote File Include

XF - alathkar-include-file-include(35818)

SREASON - 2964


Last Updated: 27 May 2016 10:45:46