CyberSec.Space Logo
Back to CVE Browser

CVE-2007-3359

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0430%
EPSS Percentile13.29th
PublishedJun 22, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter to (1) html/load_apu.php or (2) html/mail_prepend.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

πŸ“¦
Iptel

Serweb

<= 0.9.6

References & Advisories

πŸ”— http://osvdb.org/36325
πŸ”— http://osvdb.org/36326
πŸ”— http://secunia.com/advisories/25680
πŸ”— http://osvdb.org/36325
πŸ”— http://osvdb.org/36326
πŸ”— http://secunia.com/advisories/25680

Related Vulnerabilities

CVE-2007-33586.8

PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbit...

CVE-2007-62896.8

Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PH...

CVE-2007-62905.0

Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbi...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...