1. Home
  2. CVE Database
  3. CVE-2007-2199
MEDIUM · 6.8

CVE-2007-2199

PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joom...

Vulnerability Description

PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1, allows remote attackers to execute arbitrary PHP code via a URL in the g_pcltar_lib_dir parameter.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Cjg Explorer ProCjg Explorer Pro3.3
JoomlaJoomla1.5.0
NxN X Wcms4.5
PhpsitebackupPhpsitebackup0.1

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2007-2199?

CVE-2007-2199 is a vulnerability with a CVSS score of 6.8 (MEDIUM). PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joom...

How severe is CVE-2007-2199?

CVE-2007-2199 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-2199?

Check the references section above for vendor advisories and patch information. Affected products include: Cjg Explorer Pro Cjg Explorer Pro, Joomla Joomla, Nx N X Wcms, Phpsitebackup Phpsitebackup.