CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-6174

HIGH
8.5
CVSS Severity Score
EPSS Score0.1540%
EPSS Percentile44.61th
Published2007年11月30日
Last Modified2026年4月23日

Vulnerability Description

PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

📦
Phpdevshell

Phpdevshell

<= 0.6.0

References & Advisories

🔗 http://secunia.com/advisories/27828
🔗 http://www.phpdevshell.org/changelog
🔗 http://www.securityfocus.com/bid/26615
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/38736
🔗 http://secunia.com/advisories/27828
🔗 http://www.phpdevshell.org/changelog
🔗 http://www.securityfocus.com/bid/26615
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/38736

関連する脆弱性情報

CVE-2007-618610.0

Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a "minor security bug in re...

CVE-2011-37735.0

PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which revea...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...