1. Home
  2. CVE Database
  3. CVE-2007-6082
HIGH · 9.3

CVE-2007-6082

Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can ...

Vulnerability Description

Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
SciurusSciurus Hosting Panel2.0.3

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2007-6082?

CVE-2007-6082 is a vulnerability with a CVSS score of 9.3 (HIGH). Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can ...

How severe is CVE-2007-6082?

CVE-2007-6082 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-6082?

Check the references section above for vendor advisories and patch information. Affected products include: Sciurus Sciurus Hosting Panel.