Vulnerabilities > CVE-2007-1620 - Remote Security vulnerability in Php Db Designer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SITE_PATH] parameter to (a) wind/help.php or (b) wind/about.php, or the (2) _SESSION[DRIVER] parameter to (c) db/session.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PHP DB Designer <= 1.02 Remote File Include Vulnerabilities. CVE-2007-1620. Webapps exploit for php platform |
file | exploits/php/webapps/3501.txt |
id | EDB-ID:3501 |
last seen | 2016-01-31 |
modified | 2007-03-16 |
platform | php |
port | |
published | 2007-03-16 |
reporter | GoLd_M |
source | https://www.exploit-db.com/download/3501/ |
title | PHP DB Designer <= 1.02 - Remote File Include Vulnerabilities |
type | webapps |