CVE-2007-1924
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/04/2007
Last modified:
07/08/2024
Description
Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) contact_business.php or (2) contact_person.php. NOTE: this issue is disputed by CVE and a reliable third party, because include_path is initialized to a fixed value before use
Impact
Base Score 2.0
6.80
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:phpcontact:phpcontact:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page