Vulnerabilities > CVE-2007-1391 - Remote File Include vulnerability in Webo 1.0

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
webo
critical
exploit available

Summary

PHP remote file inclusion vulnerability in modules/abook/foldertree.php in Leo West WEBO (aka weborganizer) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.

Vulnerable Configurations

Part Description Count
Application
Webo
1

Exploit-Db

descriptionWEBO (Web Organizer) <= 1.0 (baseDir) Remote File Inclusion Vuln. CVE-2007-1391. Webapps exploit for php platform
fileexploits/php/webapps/3436.txt
idEDB-ID:3436
last seen2016-01-31
modified2007-03-08
platformphp
port
published2007-03-08
reporterK-159
sourcehttps://www.exploit-db.com/download/3436/
titleWEBO Web Organizer <= 1.0 baseDir Remote File Inclusion Vuln
typewebapps