How severe is CVE-2007-6553?

The severity of CVE-2007-6553 has not been assessed with CVSS v3.

CVE-2007-6553: Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class | Zerodai Security

Name: teamcal_pro
Author: george_lewe

説明

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845.

AI分析AIによる分析

影響を受ける製品

george_leweteamcal_pro

利用可能なエクスプロイト (1)

EDB-4785

webappsphpVERIFIED

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

CVE-2007-6554CVE-2007-6553

GoLd_M12/25/2007

説明

AI分析AIによる分析

影響を受ける製品

利用可能なエクスプロイト (1)

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

参照