CVE-2007-4861: CVE-2007-4861

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-4861

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information via (1) a direct request for news.php, (2) an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in (3) admin/, (4) rss/, and (5) the root directory of the installation, which reveal the path in various error messages.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Quirm SAXON 'news.php' 信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SAXON 5.4和display_errors被激活时允许远程攻击者可以借助(1) 对news.php提交一个直接请求, (2) 对admin/edit-item.php的newsid数组参数的一个无效使用, 以及可能的未明向量，和(3) admin/, (4) rss/, 和 (5) 安装的子目录的添加的脚本，获得敏感信息，这会导致在不同的错误信息中泄露路径信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-4861

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-4861

Please Login to view more intelligence information

http://www.quirm.net/punbb/viewtopic.php?id=129x_refsource_CONFIRM
http://www.netvigilance.com/advisory0053x_refsource_MISC
http://securityreason.com/securityalert/3311third-party-advisoryx_refsource_SREASON
http://osvdb.org/45334vdb-entryx_refsource_OSVDB
http://osvdb.org/45330vdb-entryx_refsource_OSVDB
http://osvdb.org/45333vdb-entryx_refsource_OSVDB
http://osvdb.org/45331vdb-entryx_refsource_OSVDB
http://osvdb.org/45332vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/38138vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/482930/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-4861

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-4861

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2007-4861

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-4861

III. Intelligence Information for CVE-2007-4861

IV. Related Vulnerabilities

V. Comments for CVE-2007-4861

Leave a comment