Vulnerabilities > CVE-2007-2736 - Unspecified vulnerability in Achievo 1.1.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

achievo

exploit available

NVD

Published: 2007-05-17

Updated: 2017-10-11

Summary

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple A UX * Apple MAC OS X *	2
OS	Hp HP HP UX * HP Tru64 *	2
OS	Ibm IBM OS2 *	1
OS	Linux Linux Linux Kernel *	1
OS	Microsoft Microsoft Windows 2000 * Microsoft Windows 2003 Server * Microsoft Windows 95 * Microsoft Windows 98 * Microsoft Windows 98Se * Microsoft Windows ME * Microsoft Windows NT 4.0 Microsoft Windows XP *	8
OS	Santa_Cruz_Operation Santa Cruz Operation SCO Unix *	1
OS	Sun SUN Solaris *	1
OS	Windriver Windriver Bsdos *	1
Application	Achievo Achievo Achievo 1.1.0	1

Exploit-Db

description	Achievo 1.1.0 (atk.inc config_atkroot) Remote File Inclusion Vulnerability. CVE-2007-2736. Webapps exploit for php platform
file	exploits/php/webapps/3928.txt
id	EDB-ID:3928
last seen	2016-01-31
modified	2007-05-15
platform	php
port
published	2007-05-15
reporter	Katatafish
source	https://www.exploit-db.com/download/3928/
title	Achievo 1.1.0 atk.inc config_atkroot Remote File Inclusion Vulnerability
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References