CVE-2007-0649 (CNNVD-200701-595)
中文标题:
OpenEMR 'Import_XML.PHP'远程文件包含漏洞
英文标题:
Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote...
漏洞描述
中文描述:
OpenEMR 2.8.2版本及其早期版本的interface/globals.php中存在自变量重写漏洞。远程攻击者重写任意程序自变量并执行其他为验证活动,例如(a)可以借助custom/import_xml.php中的srcdir参数执行远程文件包含攻击或(b)可以借助interface/login/login_frame.php的rootdir或可以借助(1)POST和(2)GET超全球数组上的求根操作有关的向量,参数执行跨站脚本攻击。
英文描述:
Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as conduct (a) remote file inclusion attacks via the srcdir parameter in custom/import_xml.php or (b) cross-site scripting (XSS) attacks via the rootdir parameter in interface/login/login_frame.php, via vectors associated with extract operations on the (1) POST and (2) GET superglobal arrays. NOTE: this issue was originally disputed before the extract behavior was identified in post-disclosure analysis. Also, the original report identified "Open Conference Systems," but this was an error.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| openemr | openemr | * | - | - |
cpe:2.3:a:openemr:openemr:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
exploitdb
exploitdb
cve.org
exploitdb
exploitdb
CVSS评分详情
AV:N/AC:H/Au:M/C:P/I:P/A:P
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2007-0649 |
2025-11-11 15:17:49 | 2025-11-11 07:32:41 |
| NVD | nvd_CVE-2007-0649 |
2025-11-11 14:52:09 | 2025-11-11 07:41:27 |
| CNNVD | cnnvd_CNNVD-200701-595 |
2025-11-11 15:08:55 | 2025-11-11 07:49:14 |
| EXPLOITDB | exploitdb_EDB-29556 |
2025-11-11 15:05:39 | 2025-11-11 08:25:02 |
| EXPLOITDB | exploitdb_EDB-29557 |
2025-11-11 15:05:39 | 2025-11-11 08:25:02 |
版本与语言
安全公告
变更历史
查看详细变更
- references_count: 16 -> 18
- tags_count: 4 -> 6
查看详细变更
- references_count: 13 -> 16
- tags_count: 0 -> 4
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 代码注入
- cnnvd_id: 未提取 -> CNNVD-200701-595
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- cvss_score: 未提取 -> 4.3
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:H/Au:M/C:P/I:P/A:P
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 1
- data_sources: ['cve'] -> ['cve', 'nvd']