Vulnerabilities > CVE-2007-2940 - Remote File Include vulnerability in Flap 1.0Beta

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

flap

exploit available

NVD

Published: 2007-05-31

Updated: 2017-10-11

Summary

Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 Beta) allow remote attackers to execute arbitrary PHP code via a URL in the pachtofile parameter to (1) skin/html/table.php or (2) login.php.

Vulnerable Configurations

Part	Description	Count
Application	Flap Flap Flap 1.0_Beta	1

Exploit-Db

description	FlaP 1.0b (pachtofile) Remote File Inclusion Vulnerabilities. CVE-2007-2940. Webapps exploit for php platform
file	exploits/php/webapps/3992.txt
id	EDB-ID:3992
last seen	2016-01-31
modified	2007-05-25
platform	php
port
published	2007-05-25
reporter	Mehmet Ince
source	https://www.exploit-db.com/download/3992/
title	FlaP 1.0b pachtofile Remote File Inclusion Vulnerabilities
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References