Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2007-2816

Published: 22/05/2007 Updated: 11/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote malicious users to execute arbitrary PHP code via a URL in the root parameter to (1) test1.php, (2) blackorange.php, (3) default.php, (4) frames1.php, (5) frames1_top.php, (7) test2.php, (8) test3.php, (9) test4.php, (10) test5.php, (11) test6.php, (12) frames1_left.php, and (13) frames1_center.php in themes/.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ol bookmarks ol bookmarks 0.7.4

Exploits

Exploit DB: Ol BookMarks Manager 0.7.4 - 'root' Remote File Inclusion
#Olbookmarks =>074 multiple RFI (root) Download script : #D0rk : allintitle:ol'bookmarks #Thanks Str0ke #Exploit : meshdlsourceforgenet/sourceforge/olbookmarks/olbookmarks-074targz #victimecom/olbookmarks-074/themes/test1php?root=shell #victimecom/path/themes/blackorangephp?root=shell #victimeco ...
Exploit DB: Ol BookMarks Manager 0.7.4 - SQL Injection
========================================================================== Ol Bookmarks Manager 074 (root) Remote SQL Injection Vulnerabilities ========================================================================== Found by: Cyber-Security ========================================================================== D0rk : allintitle:ol'boo ...

References

CWE-94http://www.attrition.org/pipermail/vim/2007-May/001623.htmlhttp://www.securityfocus.com/bid/24083http://secunia.com/advisories/25356http://www.vupen.com/english/advisories/2007/1893http://osvdb.org/36500http://osvdb.org/36504http://osvdb.org/36503http://osvdb.org/36501http://osvdb.org/36502http://osvdb.org/36496http://osvdb.org/36494http://osvdb.org/36498http://osvdb.org/36497http://osvdb.org/36495http://osvdb.org/36493http://osvdb.org/36499https://exchange.xforce.ibmcloud.com/vulnerabilities/34402https://www.exploit-db.com/exploits/3962https://nvd.nist.govhttps://www.exploit-db.com/exploits/3962/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook