CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-1408

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1740%
EPSS Percentile24.30th
Published2007年3月10日
Last Modified2026年4月23日

Vulnerability Description

Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) house.php, (6) tribearmor.php, (7) tribeastral.php, (8) tribeware.php, and (9) includes/head.php in Bartek Jasicki Vallheru before 1.3 beta have unknown impact and remote attack vectors, probably related to large integer values containing more than 15 digits. NOTE: the original vendor report is for integer overflows, but this is probably an incorrect usage of the term.

Affected Platforms (CPE)

📦
Vallheru

Vallheru

<= 1.0.6

References & Advisories

🔗 http://sourceforge.net/forum/forum.php?forum_id=672237
🔗 http://sourceforge.net/project/shownotes.php?release_id=491871&group_id=118350
🔗 http://vallheru.svn.sourceforge.net/viewvc/vallheru/vallheru2/bank.php?r1=910&r2=918
🔗 http://sourceforge.net/forum/forum.php?forum_id=672237
🔗 http://sourceforge.net/project/shownotes.php?release_id=491871&group_id=118350
🔗 http://vallheru.svn.sourceforge.net/viewvc/vallheru/vallheru2/bank.php?r1=910&r2=918

相關漏洞威脅

CVE-2006-59267.5

Multiple SQL injection vulnerabilities in mail.php in Vallheru before 1.0.7 allow remote attackers to execute arbitrary SQL comman...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-023610.0

Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attacker...