CVE-2007-3530 — HIGH (7.2) — White Hats Nepal

Q: What is CVE-2007-3530?

CVE-2007-3530 is a vulnerability with a CVSS score of 7.2 (HIGH). PHPDirector 0.21 and earlier stores the admin account name and password in config.php, which allows local users to gain privileges by reading this file.

Q: How severe is CVE-2007-3530?

CVE-2007-3530 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-3530?

Check the references section above for vendor advisories and patch information. Affected products include: Phpdirector Phpdirector.

Vulnerability Description

PHPDirector 0.21 and earlier stores the admin account name and password in config.php, which allows local users to gain privileges by reading this file.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Phpdirector	Phpdirector	<= 0.21

References

http://osvdb.org/39718
http://www.exploit-db.com/exploits/4139
http://www.securityfocus.com/archive/1/472661/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35222
http://osvdb.org/39718
http://www.exploit-db.com/exploits/4139
http://www.securityfocus.com/archive/1/472661/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35222

FAQ

What is CVE-2007-3530?

CVE-2007-3530 is a vulnerability with a CVSS score of 7.2 (HIGH). PHPDirector 0.21 and earlier stores the admin account name and password in config.php, which allows local users to gain privileges by reading this file.

How severe is CVE-2007-3530?

CVE-2007-3530 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-3530?

Check the references section above for vendor advisories and patch information. Affected products include: Phpdirector Phpdirector.