CVEブラウザに戻る

CVE-2007-1795

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0830%

EPSS Percentile18.89th

Published2007年4月2日

Last Modified2026年4月23日

Vulnerability Description

JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦

Jccorp

Urlshrink

= 1.3.1

References & Advisories

🔗 http://developers.jccorp.net/modules/newbb/viewtopic.php?topic_id=33&forum=8

🔗 http://www.securityfocus.com/bid/23217

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33320

🔗 http://developers.jccorp.net/modules/newbb/viewtopic.php?topic_id=33&forum=8

🔗 http://www.securityfocus.com/bid/23217

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33320

関連する脆弱性情報

CVE-2007-141610.0

PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute ...

CVE-2007-179610.0

Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact.

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...