CVSS: 7.5EPSS: 30%CPEs: 1EXPL: 0CVE-2007-2859
https://notcve.org/view.php?id=CVE-2007-2859
Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibly other PHP scripts. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en el SimpGB 1.46.0 permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php y, posiblemente, otras secuencias de comandos PHP. • http://osvdb.org/38101 http://osvdb.org/38102 http://osvdb.org/38103 http://osvdb.org/38104 http://osvdb.org/38105 http://osvdb.org/38106 http://osvdb.org/38107 http://osvdb.org/38108 http://securityreason.com/securityalert/2735 http://www.attrition.org/pipermail/vim/2007-May/001626.html http://www.securityfocus.com/archive/1/469219/100/0/threaded http://www.xmors-seurity.com/advisory/SimpGB%28rfi%29.txt https://exchange.xforce.ibmcloud.com/vulnerabilitie •