Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2007-4009
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-26 Jul, 2007 | 00:30
Updated At-14 Feb, 2024 | 01:17

PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Parallels International Gmbh
parallels
>>confixx>>2.0.12
cpe:2.3:a:parallels:confixx:2.0.12:*:pro:*:*:*:*:*
Parallels International Gmbh
parallels
>>confixx>>3.3.1
cpe:2.3:a:parallels:confixx:3.3.1:*:pro:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-94Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://download1.swsoft.com/Confixx/security_hotfix/1/release_notes.txtcve@mitre.org
N/A
http://secunia.com/advisories/26300cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/25036cve@mitre.org
Exploit
http://www.vupen.com/english/advisories/2007/2743cve@mitre.org
Vendor Advisory
http://xpkzxc.com/exploits/confixx.txtcve@mitre.org
URL Repurposed
https://exchange.xforce.ibmcloud.com/vulnerabilities/35586cve@mitre.org
N/A
https://www.exploit-db.com/exploits/4219cve@mitre.org
N/A
Change History
0Changes found
Details not found