PHP Remote File Inclusion Vulnerabilities in TeamCal Pro by TeamCal
CVE-2007-6553

Currently unrated

Key Information:

Vendor: George Lewe
Status: Teamcal Pro
Vendor: CVE Published:; 28 December 2007

🔔 Create George Lewe Vulnerability Alert

Badges

👾 Exploit Exists🟣 EPSS 10%

What is CVE-2007-6553?

Multiple PHP remote file inclusion vulnerabilities exist in TeamCal Pro versions 3.1.000 and earlier. These flaws allow remote attackers to execute arbitrary PHP code by manipulating the CONF[app_root] parameter, affecting critical files within the application. Exploiting these vulnerabilities could lead to unauthorized access and control over the affected systems, posing significant security risks to users.

References

http://osvdb.org/39813

vdb-entryx_refsource_OSVDB

http://osvdb.org/39821

vdb-entryx_refsource_OSVDB

http://osvdb.org/39809

vdb-entryx_refsource_OSVDB

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Dec 28, 2007
👾
Exploit known to exist
Dec 28, 2007
Vulnerability published
Dec 28, 2007
Vulnerability Reserved
Dec 27, 2007

CVE-2007-6553 Data

JSON