CVE-2007-0495
published 2007-01-25CVE-2007-0495: PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine…
PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
3.71%
88.4th percentile
PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter.
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9mc2-gh23-h253: PHP remote file inclusion vulnerability in include/config
ghsa_unreviewed·2022-05-01
CVE-2007-0495 [HIGH] GHSA-9mc2-gh23-h253: PHP remote file inclusion vulnerability in include/config
PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter.
Red Hat
CVE-2008-0495: Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3
vendor_redhat·CVSS 7.5
CVE-2008-0495 [HIGH] CVE-2008-0495: Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3
Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors.
Statement: We believe this issue is a duplicate of CVE-2007-5360. Not vulnerable. This issue did not affect versions of tog-pegasus as shipped with Red Hat Enterprise Linux 4, or 5. For more details see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-5360
No detection rules found.
No writeups or analysis indexed.
2007-01-25
Published