CVE-2007-4738

STPHPLibrary - 'STPHPLIB_DIR' Remote File Inclusion

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Múltiples vulnerabilidades de inclusión remota de archivos PHP en SpeedTech PHP Library (STPHPLibrary) versión 0.8.0, permiten a atacantes remotos ejecutar código PHP arbitrario por medio de una URL en el parámetro (1) db_conf o (2) ADODB_DIR en el archivo utils/stphpimage_show.php; o una URL en el parámetro STPHPLIB_DIR en el archivo (3) stphpbutton.php,(4) stphpcheckbox.php,(5) stphpcheckboxwithcaption.php,(6) stphpcheckgroup.php,(7) stphpcomponent.php,(8) stphpcontrolwithcaption.php,(9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) esptosible.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, o (34) stphpxmlelement.php, un conjunto diferente de vectores de ataque de CVE-2007-4737. NOTA: la procedencia de esta información es desconocida; los datos son obtenidos únicamente de la información de terceros.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-09-03 First Exploit
2007-09-06 CVE Reserved
2007-09-06 CVE Published
2024-08-07 CVE Updated
2024-11-01 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation
CWE-94: Improper Control of Generation of Code ('Code Injection')

CAPEC

References (37)

URL	Tag	Source
http://osvdb.org/39073	Vdb Entry
http://osvdb.org/39074	Vdb Entry
http://osvdb.org/39075	Vdb Entry
http://osvdb.org/39076	Vdb Entry
http://osvdb.org/39077	Vdb Entry
http://osvdb.org/39078	Vdb Entry
http://osvdb.org/39079	Vdb Entry
http://osvdb.org/39080	Vdb Entry
http://osvdb.org/39081	Vdb Entry
http://osvdb.org/39082	Vdb Entry
http://osvdb.org/39083	Vdb Entry
http://osvdb.org/39084	Vdb Entry
http://osvdb.org/39085	Vdb Entry
http://osvdb.org/39086	Vdb Entry
http://osvdb.org/39087	Vdb Entry
http://osvdb.org/39088	Vdb Entry
http://osvdb.org/39089	Vdb Entry
http://osvdb.org/39090	Vdb Entry
http://osvdb.org/39091	Vdb Entry
http://osvdb.org/39092	Vdb Entry
http://osvdb.org/39093	Vdb Entry
http://osvdb.org/39094	Vdb Entry
http://osvdb.org/39095	Vdb Entry
http://osvdb.org/39096	Vdb Entry
http://osvdb.org/39097	Vdb Entry
http://osvdb.org/39098	Vdb Entry
http://osvdb.org/39099	Vdb Entry
http://osvdb.org/39100	Vdb Entry
http://osvdb.org/39101	Vdb Entry
http://osvdb.org/39102	Vdb Entry
http://osvdb.org/39103	Vdb Entry
http://osvdb.org/39104	Vdb Entry
http://osvdb.org/39105	Vdb Entry
http://www.securityfocus.com/bid/25525	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/36417	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/4358	2007-09-03

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/26658	2017-07-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Speedtech Search vendor "Speedtech"		Stphplibrary Search vendor "Speedtech" for product "Stphplibrary"				0.8.0 Search vendor "Speedtech" for product "Stphplibrary" and version "0.8.0"		-		Affected