Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Azerbaijan Development Group | Azdgdating | 3.0.5 |
References
- http://osvdb.org/36262
- http://osvdb.org/36263
- http://osvdb.org/36264
- http://securityreason.com/securityalert/2888
- http://www.securityfocus.com/archive/1/473664/100/0/threaded
- http://www.securityfocus.com/bid/24910Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35428
- http://osvdb.org/36262
- http://osvdb.org/36263
- http://osvdb.org/36264
- http://securityreason.com/securityalert/2888
- http://www.securityfocus.com/archive/1/473664/100/0/threaded
- http://www.securityfocus.com/bid/24910Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35428
FAQ
What is CVE-2007-3792?
CVE-2007-3792 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php,...
How severe is CVE-2007-3792?
CVE-2007-3792 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3792?
Check the references section above for vendor advisories and patch information. Affected products include: Azerbaijan Development Group Azdgdating.