CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1408

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1740%
EPSS Percentile24.30th
PublishedMar 10, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) house.php, (6) tribearmor.php, (7) tribeastral.php, (8) tribeware.php, and (9) includes/head.php in Bartek Jasicki Vallheru before 1.3 beta have unknown impact and remote attack vectors, probably related to large integer values containing more than 15 digits. NOTE: the original vendor report is for integer overflows, but this is probably an incorrect usage of the term.

Affected Platforms (CPE)

πŸ“¦
Vallheru

Vallheru

<= 1.0.6

References & Advisories

πŸ”— http://sourceforge.net/forum/forum.php?forum_id=672237
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=491871&group_id=118350
πŸ”— http://vallheru.svn.sourceforge.net/viewvc/vallheru/vallheru2/bank.php?r1=910&r2=918
πŸ”— http://sourceforge.net/forum/forum.php?forum_id=672237
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=491871&group_id=118350
πŸ”— http://vallheru.svn.sourceforge.net/viewvc/vallheru/vallheru2/bank.php?r1=910&r2=918

Related Vulnerabilities

CVE-2006-59267.5

Multiple SQL injection vulnerabilities in mail.php in Vallheru before 1.0.7 allow remote attackers to execute arbitrary SQL comman...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-030310.0

Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have unknown impact and attack vectors related to "Potential secur...

CVE-2007-036810.0

Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBS...