Iptel Serweb vulnerabilities
4 known vulnerabilities affecting iptel/serweb.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2007-3358P3MEDIUMCVSS 6.8PoC≤ 0.9.62007-06-22
CVE-2007-3358 [MEDIUM] CVE-2007-3358: PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows rem
PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter.
nvd
CVE-2007-6289P3MEDIUMCVSS 6.8PoC≤ 2.0.0dev12007-12-10
CVE-2007-6289 [MEDIUM] CVE-2007-6289: Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote att
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang.php, (2) _SERWEB[functionsdir] parameter to main_prepend.php, and the (3) _PHPLIB[libdir] parameter to load_phplib.php, different vectors than CVE-2007-3359 and
nvd
CVE-2007-6290P4MEDIUMCVSS 5.0PoCv2.0.0dev12007-12-10
CVE-2007-6290 [MEDIUM] CWE-22 CVE-2007-6290: Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow
Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.
nvd
CVE-2007-3359P4MEDIUMCVSS 6.8≤ 0.9.62007-06-22
CVE-2007-3359 [MEDIUM] CVE-2007-3359: Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attacker
Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter to (1) html/load_apu.php or (2) html/mail_prepend.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd