CVE-2007-1414
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote attackers to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions.php, (d) include/plugin_api.inc.php, (e) index.php, or (f) pluginmgr.php.
Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Coppermine Photo Gallery (CPG) permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro (1) cmd de (a) image_processor.php or (b) picmgmt.inc.php, o el parámetro (2) path de (c)include/functions.php, (d) include/plugin_api.inc.php, (e) index.php, o (f) pluginmgr.php.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-03-12 CVE Reserved
- 2007-03-12 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-11-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/2416 | Third Party Advisory | |
| http://www.osvdb.org/35065 | Vdb Entry | |
| http://www.osvdb.org/35066 | Vdb Entry | |
| http://www.osvdb.org/35067 | Vdb Entry | |
| http://www.osvdb.org/35068 | Vdb Entry | |
| http://www.osvdb.org/35069 | Vdb Entry | |
| http://www.osvdb.org/35070 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/462322/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/463532/100/0/threaded | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32894 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/22896 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Coppermine Search vendor "Coppermine" | Coppermine Photo Gallery Search vendor "Coppermine" for product "Coppermine Photo Gallery" | * | - |
Affected
| ||||||