Vulnerability Details : CVE-2007-2141
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter.
Exploit prediction scoring system (EPSS) score for CVE-2007-2141
Probability of exploitation activity in the next 30 days: 14.16%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-2141
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2007-2141
-
https://www.exploit-db.com/exploits/3758
-
http://www.securityfocus.com/bid/23542
Exploit
-
http://securityreason.com/securityalert/2593
-
http://www.vupen.com/english/advisories/2007/1432
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/33727
-
http://www.securityfocus.com/archive/1/466037/100/0/threaded
Products affected by CVE-2007-2141
- cpe:2.3:a:shoutpro:shoutpro:*:*:*:*:*:*:*:*