Vulnerabilities > CVE-2007-3217 - Remote File Include vulnerability in Prototype of AN PHP Application Prototype of AN PHP Application 0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple PHP remote file inclusion vulnerabilities in Prototype of an PHP application 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the path_inc parameter to (1) index.php in gestion/; (2) identification.php, (3) disconnect.php, (4) loginliste.php, (5) loginmodif.php, (6) index.php, and (7) ident.inc.php in ident/; (8) menuadministration.php and (9) menuprincipal.php in menu/; (10) param.inc.php in param/; (11) index.php in plugins/phpgacl/; and (12) index.php and (13) common.inc.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Prototype of an PHP application 0.1 ident/disconnect.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30120 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30120/ title Prototype of an PHP application 0.1 ident/disconnect.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 common.inc.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30129 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30129/ title Prototype of an PHP application 0.1 common.inc.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 ident/ident.inc.php path_inc Parameter Remote File Inclusion. CVE-2007-3217. Webapps exploit for php platform id EDB-ID:30124 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30124/ title Prototype of an PHP application 0.1 ident/ident.inc.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 ident/identification.php path_inc Parameter Remote File Inclusion. CVE-2007-3217. Webapps exploit for php platform id EDB-ID:30119 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30119/ title Prototype of an PHP application 0.1 ident/identification.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 ident/loginliste.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30121 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30121/ title Prototype of an PHP application 0.1 ident/loginliste.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 index.php path_inc Parameter Remote File Inclusion. CVE-2007-3217. Webapps exploit for php platform id EDB-ID:30128 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30128/ title Prototype of an PHP application 0.1 index.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 plugins/phpgacl/index.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30127 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30127/ title Prototype of an PHP application 0.1 plugins/phpgacl/index.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 param/param.inc.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30126 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30126/ title Prototype of an PHP application 0.1 param/param.inc.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 ident/index.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30123 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30123/ title Prototype of an PHP application 0.1 ident/index.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 gestion/index.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30118 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30118/ title Prototype of an PHP application 0.1 gestion/index.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 menu/menuprincipal.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30125 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30125/ title Prototype of an PHP application 0.1 menu/menuprincipal.php path_inc Parameter Remote File Inclusion description Prototype of an PHP application 0.1 ident/loginmodif.php path_inc Parameter Remote File Inclusion. CVE-2007-3217 . Webapps exploit for php platform id EDB-ID:30122 last seen 2016-02-03 modified 2007-06-01 published 2007-06-01 reporter pito pito source https://www.exploit-db.com/download/30122/ title Prototype of an PHP application 0.1 ident/loginmodif.php path_inc Parameter Remote File Inclusion
References
- http://osvdb.org/37149
- http://osvdb.org/37150
- http://osvdb.org/37151
- http://osvdb.org/37152
- http://osvdb.org/37153
- http://osvdb.org/37154
- http://osvdb.org/37155
- http://osvdb.org/37156
- http://osvdb.org/37157
- http://osvdb.org/37158
- http://osvdb.org/37159
- http://osvdb.org/37160
- http://osvdb.org/37161
- http://securityreason.com/securityalert/2812
- http://www.securityfocus.com/archive/1/470245/100/100/threaded
- http://www.securityfocus.com/bid/24266
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34679