Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6347

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-6347
Last Modified 07 Mar 2011 10:02:30
Published 13 Dec 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6347

Summary

PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Viart Cms 3.3.2

  • Viart Helpdesk 3.3.2

  • Viart Shop Evaluation 3.3.2

  • Viart Shop Free 3.3.2


References

VUPEN - ADV-2007-4207

BID - 26828

SECUNIA - 28066

OSVDB - 42628

MILW0RM - 4722

XF - viart-blocksitemap-file-include(38993)


Last Updated: 27 May 2016 10:46:28