Vulnerabilities > CVE-2007-0820 - Remote File Include vulnerability in Cedric Claire Portailphp 2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

cedric

exploit available

NVD

Published: 2007-02-07

Updated: 2017-07-29

Summary

Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Cedric Cedric Claire Portailphp 2	1

Exploit-Db

description	PortailPHP 2 mod_news/index.php chemin Parameter Remote File Inclusion. CVE-2007-0820. Webapps exploit for php platform
id	EDB-ID:29564
last seen	2016-02-03
modified	2007-02-03
published	2007-02-03
reporter	laurent gaffie
source	https://www.exploit-db.com/download/29564/
title	PortailPHP 2 mod_news/index.php chemin Parameter Remote File Inclusion

description	PortailPHP 2 mod_search/index.php chemin Parameter Remote File Inclusion. CVE-2007-0820. Webapps exploit for php platform
id	EDB-ID:29566
last seen	2016-02-03
modified	2007-02-03
published	2007-02-03
reporter	laurent gaffie
source	https://www.exploit-db.com/download/29566/
title	PortailPHP 2 mod_search/index.php chemin Parameter Remote File Inclusion

description	PortailPHP 2 mod_news/goodies.php chemin Parameter Remote File Inclusion. CVE-2007-0820. Webapps exploit for php platform
id	EDB-ID:29565
last seen	2016-02-03
modified	2007-02-03
published	2007-02-03
reporter	laurent gaffie
source	https://www.exploit-db.com/download/29565/
title	PortailPHP 2 mod_news/goodies.php chemin Parameter Remote File Inclusion

Summary

Vulnerable Configurations

Exploit-Db

References