Vulnerability Details CVE-2007-3621
Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote attackers to inject arbitrary shell commands via the (1) IN and (2) OUT parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.153
EPSS Ranking 94.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://bestof.nerdvittles.com/applications/asteridex/
- http://osvdb.org/37846
- http://secunia.com/advisories/25965
- http://securityreason.com/securityalert/2863
- http://www.hoku.co.uk/advisories/asteridex.txt
- http://www.securityfocus.com/archive/1/472907/100/0/threaded
- http://www.securityfocus.com/bid/24781
- http://www.vupen.com/english/advisories/2007/2446
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35270
- https://www.exploit-db.com/exploits/4151
- http://bestof.nerdvittles.com/applications/asteridex/
- http://osvdb.org/37846
- http://secunia.com/advisories/25965
- http://securityreason.com/securityalert/2863
- http://www.hoku.co.uk/advisories/asteridex.txt
- http://www.securityfocus.com/archive/1/472907/100/0/threaded
- http://www.securityfocus.com/bid/24781
- http://www.vupen.com/english/advisories/2007/2446
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35270
- https://www.exploit-db.com/exploits/4151