Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php.
References
| Link | Resource |
|---|---|
| http://osvdb.org/35915 | Broken Link |
| http://osvdb.org/35916 | Broken Link |
| http://osvdb.org/35917 | Broken Link |
| http://osvdb.org/35919 | Broken Link |
| http://osvdb.org/35921 | Broken Link |
| http://osvdb.org/35923 | Broken Link |
| http://www.securityfocus.com/bid/21918 | Exploit Third Party Advisory VDB Entry Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31310 | VDB Entry |
| https://www.exploit-db.com/exploits/3093 | Third Party Advisory VDB Entry |
Configurations
History
23 Apr 2024, 19:52
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:allmyguests_project:allmyguests:*:*:*:*:*:*:*:* | |
| First Time |
Allmyguests Project allmyguests
Allmyguests Project |
|
| References | () http://osvdb.org/35915 - Broken Link | |
| References | () http://osvdb.org/35916 - Broken Link | |
| References | () http://osvdb.org/35917 - Broken Link | |
| References | () http://osvdb.org/35919 - Broken Link | |
| References | () http://osvdb.org/35921 - Broken Link | |
| References | () http://osvdb.org/35923 - Broken Link | |
| References | () http://www.securityfocus.com/bid/21918 - Exploit, Third Party Advisory, VDB Entry, Vendor Advisory | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/31310 - VDB Entry | |
| References | () https://www.exploit-db.com/exploits/3093 - Third Party Advisory, VDB Entry |
Information
Published : 2007-01-11 00:28
Updated : 2024-04-23 19:52
NVD link : CVE-2007-0172
Mitre link : CVE-2007-0172
CVE.ORG link : CVE-2007-0172
JSON object : View
Products Affected
allmyguests_project
- allmyguests
CWE