Vulnerabilities > CVE-2007-0704 - Unspecified vulnerability in Somery 0.4.6

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
somery
exploit available
NVD
Published: 2007-02-04
Updated: 2024-11-21

Summary

PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation.

Vulnerable Configurations

Part Description Count
Application
Somery
1

Exploit-Db

descriptionSomery <= 0.4.6 (skin_dir) Remote File Include Vulnerability. CVE-2006-4669,CVE-2007-0704. Webapps exploit for php platform
fileexploits/php/webapps/2329.txt
idEDB-ID:2329
last seen2016-01-31
modified2006-09-08
platformphp
port
published2006-09-08
reporterbasher13
sourcehttps://www.exploit-db.com/download/2329/
titleSomery <= 0.4.6 skin_dir Remote File Include Vulnerability
typewebapps

References