CyberSec.Space Logo
Back to CVE Browser

CVE-2007-6174

HIGH
8.5
CVSS Severity Score
EPSS Score0.1540%
EPSS Percentile44.61th
PublishedNov 30, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Phpdevshell

Phpdevshell

<= 0.6.0

References & Advisories

πŸ”— http://secunia.com/advisories/27828
πŸ”— http://www.phpdevshell.org/changelog
πŸ”— http://www.securityfocus.com/bid/26615
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/38736
πŸ”— http://secunia.com/advisories/27828
πŸ”— http://www.phpdevshell.org/changelog
πŸ”— http://www.securityfocus.com/bid/26615
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/38736

Related Vulnerabilities

CVE-2007-618610.0

Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a "minor security bug in re...

CVE-2011-37735.0

PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which revea...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...