CVE-2007-2736

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:apple:a_ux:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
cpe:2.3:a:achievo:achievo:1.1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:31

Type Values Removed Values Added
References () http://osvdb.org/37919 - () http://osvdb.org/37919 -
References () http://www.securityfocus.com/bid/23992 - () http://www.securityfocus.com/bid/23992 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 -
References () https://www.exploit-db.com/exploits/3928 - () https://www.exploit-db.com/exploits/3928 -

Information

Published : 2007-05-17 19:30

Updated : 2024-11-21 00:31


NVD link : CVE-2007-2736

Mitre link : CVE-2007-2736

CVE.ORG link : CVE-2007-2736


JSON object : View

Products Affected

santa_cruz_operation

  • sco_unix

hp

  • tru64
  • hp-ux

microsoft

  • windows_98se
  • windows_2003_server
  • windows_me
  • windows_nt
  • windows_xp
  • windows_2000
  • windows_95
  • windows_98

apple

  • a_ux
  • mac_os_x

achievo

  • achievo

sun

  • solaris

ibm

  • os2

linux

  • linux_kernel

windriver

  • bsdos