Vulnerabilities > CVE-2007-4235 - Remote File Include vulnerability in VietPHP

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
vietphp
critical
exploit available

Summary

Multiple PHP remote file inclusion vulnerabilities in VietPHP allow remote attackers to execute arbitrary PHP code via a URL in (1) the dirpath parameter to (a) _functions.php, or (2) the language parameter to (b) admin/index.php or (c) index.php.

Vulnerable Configurations

Part Description Count
Application
Vietphp
1

Exploit-Db

  • descriptionVietPHP admin/index.php language Parameter Remote File Inclusion. CVE-2007-4235. Webapps exploit for php platform
    idEDB-ID:30457
    last seen2016-02-03
    modified2007-08-07
    published2007-08-07
    reportermaster-of-desastor
    sourcehttps://www.exploit-db.com/download/30457/
    titleVietPHP admin/index.php language Parameter Remote File Inclusion
  • descriptionVietPHP index.php language Parameter Remote File Inclusion. CVE-2007-4235. Webapps exploit for php platform
    idEDB-ID:30459
    last seen2016-02-03
    modified2007-08-07
    published2007-08-07
    reportermaster-of-desastor
    sourcehttps://www.exploit-db.com/download/30459/
    titleVietPHP index.php language Parameter Remote File Inclusion
  • descriptionVietPHP _functions.php dirpath Parameter Remote File Inclusion. CVE-2007-4235. Webapps exploit for php platform
    idEDB-ID:30456
    last seen2016-02-03
    modified2007-08-07
    published2007-08-07
    reportermaster-of-desastor
    sourcehttps://www.exploit-db.com/download/30456/
    titleVietPHP _functions.php dirpath Parameter Remote File Inclusion