CVE Vulnerabilities

CVE-2007-1423

Published: Mar 13, 2007 | Modified: Oct 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.

Affected Software

Name Vendor Start Version End Version
Work_system_e-commerce Work_system_e-commerce 3.0.3 (including) 3.0.3 (including)
Work_system_e-commerce Work_system_e-commerce 3.0.4 (including) 3.0.4 (including)
Work_system_e-commerce Work_system_e-commerce 3.0.5 (including) 3.0.5 (including)
Work_system_e-commerce Work_system_e-commerce 3.0.41 (including) 3.0.41 (including)

References