CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-1643

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile4.06th
Published2007年3月24日
Last Modified2026年4月23日

Vulnerability Description

Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and earlier allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG[directories][userpanel_dir] parameter to userpanel.php or the (2) _LIB_DIR parameter to welcome.php.

Affected Platforms (CPE)

📦
Lan Management System

Lan Management System

<= 1.8.9

References & Advisories

🔗 http://secunia.com/advisories/24621
🔗 http://www.attrition.org/pipermail/vim/2007-April/001560.html
🔗 http://www.securityfocus.com/bid/23099
🔗 http://www.securityfocus.com/bid/23100
🔗 http://www.vupen.com/english/advisories/2007/1086
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/33158
🔗 https://www.exploit-db.com/exploits/3545
🔗 http://secunia.com/advisories/24621

相关漏洞威胁

CVE-2018-68547.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2019-152627.5

A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unaut...

CVE-2007-22057.5

PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allo...

CVE-2007-33257.5

PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attacke...