Vulnerabilities > CVE-2007-3792 - Remote File Include vulnerability in Azerbaijan Development Group Azdgdating 3.0.5

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
azerbaijan-development-group
exploit available
NVD
Published: 2007-07-15
Updated: 2018-10-15

Summary

Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.

Vulnerable Configurations

Part Description Count
Application
Azerbaijan_Development_Group
1

Exploit-Db

  • descriptionDating Gold 3.0.5 header.php int_path Parameter Remote File Inclusion. CVE-2007-3792. Webapps exploit for php platform
    idEDB-ID:30301
    last seen2016-02-03
    modified2007-07-13
    published2007-07-13
    reportermostafa_ragab
    sourcehttps://www.exploit-db.com/download/30301/
    titleDating Gold 3.0.5 header.php int_path Parameter Remote File Inclusion
  • descriptionDating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion. CVE-2007-3792. Webapps exploit for php platform
    idEDB-ID:30303
    last seen2016-02-03
    modified2007-07-13
    published2007-07-13
    reportermostafa_ragab
    sourcehttps://www.exploit-db.com/download/30303/
    titleDating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion
  • descriptionDating Gold 3.0.5 footer.php int_path Parameter Remote File Inclusion. CVE-2007-3792. Webapps exploit for php platform
    idEDB-ID:30302
    last seen2016-02-03
    modified2007-07-13
    published2007-07-13
    reportermostafa_ragab
    sourcehttps://www.exploit-db.com/download/30302/
    titleDating Gold 3.0.5 footer.php int_path Parameter Remote File Inclusion

References