CVE-2007-2020

Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute arbitrary code via the cmd parameter. NOTE: CVE disputes this vulnerability because administration.php does not use the cmd parameter for inclusion

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://osvdb.org/35291
http://securityreason.com/securityalert/2561
http://www.attrition.org/pipermail/vim/2007-April/001516.html
http://www.securityfocus.com/archive/1/465088/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/33522

Configurations

Configuration 1 (hide)

cpe:2.3:a:xodagallery:xodagallery:*:*:*:*:*:*:*:*

History

07 Nov 2023, 02:00

Type	Values Removed	Values Added
Summary	DISPUTED Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute arbitrary code via the cmd parameter. NOTE: CVE disputes this vulnerability because administration.php does not use the cmd parameter for inclusion.	Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute arbitrary code via the cmd parameter. NOTE: CVE disputes this vulnerability because administration.php does not use the cmd parameter for inclusion

Information

Published : 2007-04-12 19:19

Updated : 2024-05-17 00:33

NVD link : CVE-2007-2020

Mitre link : CVE-2007-2020

CVE.ORG link : CVE-2007-2020

JSON object : View

Products Affected

xodagallery

xodagallery

CWE

NVD-CWE-Other

7.5 /10