Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2007-2199

Published: 24/04/2007 Updated: 16/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 695
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Nx

Vulnerability Summary

PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote malicious users to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

nx n x wcms 4.5

joomla joomla 1.5.0

cjg explorer pro cjg explorer pro 3.3

phpsitebackup phpsitebackup 0.1

Exploits

Exploit DB: PHPSiteBackup 0.1 - 'pcltar.lib.php' Remote File Inclusion
# phpSiteBackup 01 (pcltarlibphp) Remote File Include Vulnerability # DScript: kentdlsourceforgenet/sourceforge/phpsitebackup/phpSiteBackup-01tgz # Exploit: /phpSiteBackup-01/pcltarlibphp?g_pcltar_lib_dir=localhost/tryagtxt? # DVidoe: my-storyorg/uploads/phpSiteBackuprar # Dis ...
Exploit DB: CJG EXPLORER PRO 3.2 - 'g_pcltar_lib_dir' Remote File Inclusion
#######################S==A==U==D==I######################### CJG EXPLORER PRO v32 (pcltarlibphp)(pcltracelibphp) Remote File Include Vulnerabilities ############################################################## Found By : Mogatil , jjl@hotmailcom ############################################################## Script Site : wwwza ...
Exploit DB: Joomla! 1.5.0 Beta - 'pcltar.php' Remote File Inclusion
Hi, Joomla! 150 is in Beta version and "should NOT to be used for `live` or `production` sites" Joomla 1012 has a good security but it seems that Joomla 150 doesnt have a good security approach Anyway, there is a remote file inclusion in Joomla 150 Beta : File /libraries/pcl/pcltarphp, Line 74 : if (!defined("PCLERROR_LIB")) { ...

References

CWE-94http://www.hackers.ir/advisories/joomla.htmlhttp://www.securityfocus.com/bid/23613http://www.attrition.org/pipermail/vim/2007-May/001618.htmlhttp://www.securityfocus.com/bid/23708http://secunia.com/advisories/25230http://www.securityfocus.com/bid/24660http://www.securityfocus.com/bid/25528http://osvdb.org/34803http://osvdb.org/36009http://www.vupen.com/english/advisories/2007/1511https://exchange.xforce.ibmcloud.com/vulnerabilities/35092https://exchange.xforce.ibmcloud.com/vulnerabilities/34273https://exchange.xforce.ibmcloud.com/vulnerabilities/33837https://www.exploit-db.com/exploits/4111https://www.exploit-db.com/exploits/3915https://www.exploit-db.com/exploits/3781http://www.securityfocus.com/archive/1/478503/100/0/threadedhttp://www.securityfocus.com/archive/1/466687/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/4111/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook