CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-0531

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile22.99th
Published2007年1月26日
Last Modified2026年4月23日

Vulnerability Description

PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before 20070123 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter.

Affected Platforms (CPE)

📦
Freewebshop

Freewebshop

= 2.2.3
📦
Freewebshop

Freewebshop

= 2.2.4

References & Advisories

🔗 http://14house.blogspot.com/2007/01/freewebshoporg-remote-file-inclusion.html
🔗 http://osvdb.org/32951
🔗 http://secunia.com/advisories/23898
🔗 http://securitytracker.com/id?1017549
🔗 http://www.freewebshop.org/?id=36
🔗 http://www.vupen.com/english/advisories/2007/0319
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/31732
🔗 http://14house.blogspot.com/2007/01/freewebshoporg-remote-file-inclusion.html

相关漏洞威胁

CVE-2006-57727.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary S...

CVE-2007-64667.5

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands ...

CVE-2006-58466.4

Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitr...

CVE-2006-58476.1

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary...