CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-3325

HIGH
7.5
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile18.07th
Published2007年6月21日
Last Modified2026年4月23日

Vulnerability Description

PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and CVE-2007-2205.

Affected Platforms (CPE)

📦
Lms

Lan Management System

<= 1.6.9

References & Advisories

🔗 http://osvdb.org/36194
🔗 http://www.securityfocus.com/bid/24578
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
🔗 https://www.exploit-db.com/exploits/4086
🔗 http://osvdb.org/36194
🔗 http://www.securityfocus.com/bid/24578
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/34959
🔗 https://www.exploit-db.com/exploits/4086

相关漏洞威胁

CVE-2007-164310.0

Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and earlier allow remote attackers to...

CVE-2018-68547.8

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to L...

CVE-2019-152627.5

A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unaut...

CVE-2007-22057.5

PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allo...