How severe is CVE-2007-6553?

The severity of CVE-2007-6553 has not been assessed with CVSS v3.

CVE-2007-6553: Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class | Zerodai Security

Name: teamcal_pro
Author: george_lewe

描述

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845.

AI分析AI驱动

受影响产品

george_leweteamcal_pro

可用漏洞利用 (1)

EDB-4785

webappsphpVERIFIED

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

CVE-2007-6554CVE-2007-6553

GoLd_M12/25/2007

描述

AI分析AI驱动

受影响产品

可用漏洞利用 (1)

TeamCalPro 3.1.000 - Multiple Local/Remote File Inclusions

参考资料