PT-2007-1635 · Dayfox · Dayfox Blog

Publicado

2007-01-09

Atualizado

2018-10-16

CVE-2007-0150

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Dayfox Blog (affected versions not specified)

Description The issue concerns remote file inclusion vulnerabilities in the index.php file of Dayfox Blog. Remote attackers can execute arbitrary PHP code by providing a URL in the page, subject, and q parameters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-0150

Produtos afetados

Dayfox Blog

PT-2007-1635 · Dayfox · Dayfox Blog

CVE-2007-0150

Identificadores relacionados

Produtos afetados

Referências · 7