CVE-2007-3085

{"id": "CVE-2007-3085", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2007-06-06T10:30:00.000", "references": [{"url": "http://osvdb.org/38759", "source": "[email protected]"}, {"url": "http://osvdb.org/38760", "source": "[email protected]"}, {"url": "http://osvdb.org/38761", "source": "[email protected]"}, {"url": "http://osvdb.org/38762", "source": "[email protected]"}, {"url": "http://osvdb.org/38763", "source": "[email protected]"}, {"url": "http://osvdb.org/38764", "source": "[email protected]"}, {"url": "http://osvdb.org/38765", "source": "[email protected]"}, {"url": "http://osvdb.org/38766", "source": "[email protected]"}, {"url": "http://osvdb.org/38767", "source": "[email protected]"}, {"url": "http://osvdb.org/38768", "source": "[email protected]"}, {"url": "http://osvdb.org/38769", "source": "[email protected]"}, {"url": "http://osvdb.org/38770", "source": "[email protected]"}, {"url": "http://osvdb.org/38771", "source": "[email protected]"}, {"url": "http://osvdb.org/38772", "source": "[email protected]"}, {"url": "http://osvdb.org/38773", "source": "[email protected]"}, {"url": "http://osvdb.org/38774", "source": "[email protected]"}, {"url": "http://osvdb.org/38775", "source": "[email protected]"}, {"url": "http://osvdb.org/38776", "source": "[email protected]"}, {"url": "http://osvdb.org/38777", "source": "[email protected]"}, {"url": "http://osvdb.org/38778", "source": "[email protected]"}, {"url": "http://osvdb.org/38779", "source": "[email protected]"}, {"url": "http://osvdb.org/38780", "source": "[email protected]"}, {"url": "http://osvdb.org/38781", "source": "[email protected]"}, {"url": "http://osvdb.org/38782", "source": "[email protected]"}, {"url": "http://osvdb.org/38783", "source": "[email protected]"}, {"url": "http://osvdb.org/38784", "source": "[email protected]"}, {"url": "http://osvdb.org/38785", "source": "[email protected]"}, {"url": "http://osvdb.org/38786", "source": "[email protected]"}, {"url": "http://securityreason.com/securityalert/2777", "source": "[email protected]"}, {"url": "http://www.securityfocus.com/archive/1/470239/100/0/threaded", "source": "[email protected]"}, {"url": "http://www.securityfocus.com/archive/1/470347/100/0/threaded", "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34675", "source": "[email protected]"}, {"url": "http://osvdb.org/38759", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38760", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38761", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38762", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38763", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38764", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38765", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38766", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38767", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38768", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38769", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38770", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38771", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38772", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38773", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38774", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38775", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38776", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38777", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38778", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38779", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38780", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38781", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38782", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38783", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38784", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38785", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38786", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/2777", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/470239/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/470347/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34675", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbpath parameter to (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, or (bb) templates/pb/css/formstyles.php; or the (2) temppath parameter to (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, or (y) board.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de archivo en PHP en PBSite permite a atacantes remotos ejecutar c\u00f3digo PHP de su elecci\u00f3n mediante una URL en el (1) par\u00e1metro dbpath a (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, o (bb) templates/pb/css/formstyles.php; o el (2) par\u00e1metro temppath a (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, o (y) board.php."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pbsite:pbsite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB636435-135B-4A3F-AE11-58ED6DBCE1F9"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}