Vulnerabilities > CVE-2007-2708 - Remote File Include vulnerability in Feindt Computerservice News-Script 2.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
feindt-computerservice
exploit available
NVD
Published: 2007-05-16
Updated: 2017-10-11

Summary

PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.

Vulnerable Configurations

Part Description Count
Application
Feindt_Computerservice
1

Exploit-Db

descriptionFeindt Computerservice News 2.0 (newsadmin.php action) RFI Vuln. CVE-2007-2708. Webapps exploit for php platform
fileexploits/php/webapps/3920.txt
idEDB-ID:3920
last seen2016-01-31
modified2007-05-14
platformphp
port
published2007-05-14
reporterMogatil
sourcehttps://www.exploit-db.com/download/3920/
titleFeindt Computerservice News 2.0 newsadmin.php action RFI Vuln
typewebapps

References