CVE-2007-0930

high

Description

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.

References

http://www.vupen.com/english/advisories/2007/0559

http://www.securityfocus.com/bid/22388

http://sourceforge.net/forum/forum.php?forum_id=660919

Details

Source: Mitre, NVD

Published: 2007-02-14

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.00365