CVE-2007-4383 : PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP c

PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: CVE and a third party dispute this vulnerability because header is defined before use. The researcher is known to be unreliable

Published 2007-08-17 21:17:00

Updated 2024-04-11 00:42:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: File inclusion

Exploit prediction scoring system (EPSS) score for CVE-2007-4383

Probability of exploitation activity in the next 30 days: 0.95%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-4383

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2007-4383

Products affected by CVE-2007-4383

Trackeur » Trackeur » Version: 1
cpe:2.3:a:trackeur:trackeur:1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2007-4383

Exploit prediction scoring system (EPSS) score for CVE-2007-4383

CVSS scores for CVE-2007-4383

References for CVE-2007-4383

Products affected by CVE-2007-4383