Vulnerabilities > CVE-2007-1936 - Remote Security vulnerability in Scar4U.De Scaradcontroller 1.1

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

scar4u-de

exploit available

NVD

Published: 2007-04-10

Updated: 2017-10-11

Summary

PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sac_config_dir parameter.

Vulnerable Configurations

Part	Description	Count
Application	Scar4U.De Scar4U.De Scaradcontroller 1.1	1

Exploit-Db

id	EDB-ID:3682

References

http://osvdb.org/37547
https://www.exploit-db.com/exploits/3682