7.5
CVSSv2

CVE-2007-2167

Published: 22/04/2007 Updated: 11/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Static code injection vulnerability in process.php in AimStats 3.2 allows remote malicious users to inject PHP code into config.php via the number parameter in an update action.

Affected Products

Vendor Product Versions
AimstatsAimstats3.2

Exploits

<!-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- + + + Y! Underground Group ...