CVE-2007-1721
published 2007-03-28CVE-2007-1721: Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the…
PriorityP355critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
13.31%
95.9th percentile
Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) Richtxt_functions.inc.php, (2) adddocfile.php, (3) auth_check.php, (4) browse_current_category.inc.php, (5) docfile_details.php, (6) main.php, (7) mainarticle.php, (8) maindocfile.php, (9) modify.php, (10) new.php, (11) resource_details.php, or (12) smallsearch.php in lib/; or (13) mwiki/LocalSettings.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| realink | c-arbre | <= 0.6_pr7 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g385-472x-mccv: PHP remote file inclusion vulnerability in espaces/communiques/annotations
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2007-2261 [CRITICAL] GHSA-g385-472x-mccv: PHP remote file inclusion vulnerability in espaces/communiques/annotations
PHP remote file inclusion vulnerability in espaces/communiques/annotations.php in C-Arbre 0.6PR7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter, a different vector than CVE-2007-1721.
GHSA
GHSA-2w6m-rp7m-3mqc: Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0
ghsa_unreviewed·2022-05-01
CVE-2007-1721 [HIGH] GHSA-2w6m-rp7m-3mqc: Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0
Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) Richtxt_functions.inc.php, (2) adddocfile.php, (3) auth_check.php, (4) browse_current_category.inc.php, (5) docfile_details.php, (6) main.php, (7) mainarticle.php, (8) maindocfile.php, (9) modify.php, (10) new.php, (11) resource_details.php, or (12) smallsearch.php in lib/; or (13) mwiki/LocalSettings.php.
VMware
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
vendor_vmware·2008-06-04·CVSS 2.6
CVE-2006-1721 [LOW] Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
VMSA-2008-0009: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMware Security AdvisorySynopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues VMware Security AdvisoryIssue date: VMware Security AdvisoryUpdated on:
CVEs: CVE-2006-1721, CVE-2007-4772, CVE-2007-5378, CVE-2007-5671, CVE-2008-0062, CVE-2008-0063, CVE-2008-0553, CVE-2008-0888, CVE-2
No detection rules found.
No writeups or analysis indexed.
http://advisories.echo.or.id/adv/adv78-K-159-2007.txthttp://securityreason.com/securityalert/2491http://www.securityfocus.com/archive/1/463925/100/0/threadedhttp://www.securityfocus.com/bid/23154http://www.vupen.com/english/advisories/2007/1119https://exchange.xforce.ibmcloud.com/vulnerabilities/33238https://www.exploit-db.com/exploits/3583http://advisories.echo.or.id/adv/adv78-K-159-2007.txthttp://securityreason.com/securityalert/2491http://www.securityfocus.com/archive/1/463925/100/0/threadedhttp://www.securityfocus.com/bid/23154http://www.vupen.com/english/advisories/2007/1119https://exchange.xforce.ibmcloud.com/vulnerabilities/33238https://www.exploit-db.com/exploits/3583
2007-03-28
Published