How severe is CVE-2007-6553?

The severity of CVE-2007-6553 has not been assessed with CVSS v3.

CVE-2007-6553: Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class | Zerodai Security

Name: teamcal_pro
Author: george_lewe

Descripción

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845.

Análisis IAImpulsado por IA

Productos Afectados

george_leweteamcal_pro

Exploits Disponibles (1)

EDB-4785

webappsphpVERIFIED

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

CVE-2007-6554CVE-2007-6553

GoLd_M12/25/2007

Descripción

Análisis IAImpulsado por IA

Productos Afectados

Exploits Disponibles (1)

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

Referencias