CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1391

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile42.63th
PublishedMar 10, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in modules/abook/foldertree.php in Leo West WEBO (aka weborganizer) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.

Affected Platforms (CPE)

πŸ“¦
Webo

Webo

= 1.0

References & Advisories

πŸ”— http://advisories.echo.or.id/adv/adv67-K-159-2007.txt
πŸ”— http://www.securityfocus.com/archive/1/462294/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/22877
πŸ”— http://www.vupen.com/english/advisories/2007/0883
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/32877
πŸ”— https://www.exploit-db.com/exploits/3436
πŸ”— http://advisories.echo.or.id/adv/adv67-K-159-2007.txt
πŸ”— http://www.securityfocus.com/archive/1/462294/100/0/threaded

Related Vulnerabilities

CVE-2009-507110.0

Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact tem...

CVE-2010-40259.3

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted doc...

CVE-2011-17387.2

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to...

CVE-2009-50977.1

Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScri...