How severe is CVE-2007-6553?

The severity of CVE-2007-6553 has not been assessed with CVSS v3.

CVE-2007-6553: Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class | Zerodai Security

Name: teamcal_pro
Author: george_lewe

Descrição

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845.

Análise IADesenvolvido por IA

Produtos Afetados

george_leweteamcal_pro

Exploits Disponíveis (1)

EDB-4785

webappsphpVERIFIED

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

CVE-2007-6554CVE-2007-6553

GoLd_M12/25/2007

Descrição

Análise IADesenvolvido por IA

Produtos Afetados

Exploits Disponíveis (1)

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

Referências