Vulnerability-Lookup

FKIE_CVE-2007-6553

Vulnerability from fkie_nvd - Published: 2007-12-28 00:46 - Updated: 2026-06-16 22:48

Severity

Summary

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845.

References

URL	Tags
cve@mitre.org	http://osvdb.org/39805
cve@mitre.org	http://osvdb.org/39806
cve@mitre.org	http://osvdb.org/39807
cve@mitre.org	http://osvdb.org/39808
cve@mitre.org	http://osvdb.org/39809
cve@mitre.org	http://osvdb.org/39810
cve@mitre.org	http://osvdb.org/39811
cve@mitre.org	http://osvdb.org/39812
cve@mitre.org	http://osvdb.org/39813
cve@mitre.org	http://osvdb.org/39814
cve@mitre.org	http://osvdb.org/39815
cve@mitre.org	http://osvdb.org/39816
cve@mitre.org	http://osvdb.org/39817
cve@mitre.org	http://osvdb.org/39818
cve@mitre.org	http://osvdb.org/39819
cve@mitre.org	http://osvdb.org/39820
cve@mitre.org	http://osvdb.org/39821
cve@mitre.org	http://osvdb.org/39822
cve@mitre.org	http://osvdb.org/39823
cve@mitre.org	http://osvdb.org/39824
cve@mitre.org	http://osvdb.org/39825
cve@mitre.org	http://osvdb.org/39826
cve@mitre.org	http://www.securityfocus.com/bid/27022	Exploit
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/39212
cve@mitre.org	https://www.exploit-db.com/exploits/4785
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39805
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39806
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39807
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39808
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39809
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39810
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39811
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39812
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39813
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39814
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39815
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39816
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39817
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39818
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39819
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39820
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39821
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39822
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39823
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39824
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39825
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39826
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27022	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39212
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4785

Impacted products

	Vendor	Product	Version
	george_lewe	teamcal_pro	*

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "cve@mitre.org"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:george_lewe:teamcal_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9E51DF1-C1FB-43B7-88DA-7BFB6F4C7618",
              "versionEndIncluding": "3.1.000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de fichero PHP en TeamCal Pro 3.1.000 y versiones anteriores. Permite que atacantes remotos ejecuten c\u00f3digo PHP a su elecci\u00f3n, a trav\u00e9s de una URL en el par\u00e1metro CONF[app_root] pasado a (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, o (22) tcuseroption.class.php en el directorio includes/. Posiblmente, un problema relacionado con CVE-2006-4845."
    }
  ],
  "id": "CVE-2007-6553",
  "lastModified": "2026-06-16T22:48:19.187",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-12-28T00:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39805"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39806"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39807"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39808"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39809"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39810"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39811"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39812"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39813"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39814"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39815"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39816"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39817"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39818"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39819"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39820"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39821"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39822"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39823"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39824"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39825"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/39826"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/27022"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/4785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39806"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39807"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39809"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39823"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/27022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/4785"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-6553 (GCVE-0-2007-6553)

Vulnerability from cvelistv5 – Published: 2007-12-28 00:00 – Updated: 2024-08-07 16:11

Summary

Severity

No CVSS data available.

CWE

Assigner

mitre

References

25 references

URL	Tags
http://osvdb.org/39813	vdb-entryx_refsource_OSVDB
http://osvdb.org/39821	vdb-entryx_refsource_OSVDB
http://osvdb.org/39809	vdb-entryx_refsource_OSVDB
http://osvdb.org/39811	vdb-entryx_refsource_OSVDB
http://osvdb.org/39820	vdb-entryx_refsource_OSVDB
http://osvdb.org/39806	vdb-entryx_refsource_OSVDB
http://osvdb.org/39808	vdb-entryx_refsource_OSVDB
http://osvdb.org/39826	vdb-entryx_refsource_OSVDB
http://osvdb.org/39805	vdb-entryx_refsource_OSVDB
https://www.exploit-db.com/exploits/4785	exploitx_refsource_EXPLOIT-DB
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://osvdb.org/39807	vdb-entryx_refsource_OSVDB
http://osvdb.org/39815	vdb-entryx_refsource_OSVDB
http://osvdb.org/39823	vdb-entryx_refsource_OSVDB
http://osvdb.org/39822	vdb-entryx_refsource_OSVDB
http://osvdb.org/39817	vdb-entryx_refsource_OSVDB
http://osvdb.org/39825	vdb-entryx_refsource_OSVDB
http://osvdb.org/39812	vdb-entryx_refsource_OSVDB
http://osvdb.org/39818	vdb-entryx_refsource_OSVDB
http://osvdb.org/39824	vdb-entryx_refsource_OSVDB
http://osvdb.org/39819	vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/27022	vdb-entryx_refsource_BID
http://osvdb.org/39810	vdb-entryx_refsource_OSVDB
http://osvdb.org/39814	vdb-entryx_refsource_OSVDB
http://osvdb.org/39816	vdb-entryx_refsource_OSVDB

Date Public

2007-12-25 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:11:06.050Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "39813",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39813"
          },
          {
            "name": "39821",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39821"
          },
          {
            "name": "39809",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39809"
          },
          {
            "name": "39811",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39811"
          },
          {
            "name": "39820",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39820"
          },
          {
            "name": "39806",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39806"
          },
          {
            "name": "39808",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39808"
          },
          {
            "name": "39826",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39826"
          },
          {
            "name": "39805",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39805"
          },
          {
            "name": "4785",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4785"
          },
          {
            "name": "teamcal-multiple-file-include(39212)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212"
          },
          {
            "name": "39807",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39807"
          },
          {
            "name": "39815",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39815"
          },
          {
            "name": "39823",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39823"
          },
          {
            "name": "39822",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39822"
          },
          {
            "name": "39817",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39817"
          },
          {
            "name": "39825",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39825"
          },
          {
            "name": "39812",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39812"
          },
          {
            "name": "39818",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39818"
          },
          {
            "name": "39824",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39824"
          },
          {
            "name": "39819",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39819"
          },
          {
            "name": "27022",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27022"
          },
          {
            "name": "39810",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39810"
          },
          {
            "name": "39814",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39814"
          },
          {
            "name": "39816",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39816"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "39813",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39813"
        },
        {
          "name": "39821",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39821"
        },
        {
          "name": "39809",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39809"
        },
        {
          "name": "39811",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39811"
        },
        {
          "name": "39820",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39820"
        },
        {
          "name": "39806",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39806"
        },
        {
          "name": "39808",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39808"
        },
        {
          "name": "39826",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39826"
        },
        {
          "name": "39805",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39805"
        },
        {
          "name": "4785",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4785"
        },
        {
          "name": "teamcal-multiple-file-include(39212)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212"
        },
        {
          "name": "39807",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39807"
        },
        {
          "name": "39815",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39815"
        },
        {
          "name": "39823",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39823"
        },
        {
          "name": "39822",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39822"
        },
        {
          "name": "39817",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39817"
        },
        {
          "name": "39825",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39825"
        },
        {
          "name": "39812",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39812"
        },
        {
          "name": "39818",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39818"
        },
        {
          "name": "39824",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39824"
        },
        {
          "name": "39819",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39819"
        },
        {
          "name": "27022",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27022"
        },
        {
          "name": "39810",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39810"
        },
        {
          "name": "39814",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39814"
        },
        {
          "name": "39816",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39816"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6553",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "39813",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39813"
            },
            {
              "name": "39821",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39821"
            },
            {
              "name": "39809",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39809"
            },
            {
              "name": "39811",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39811"
            },
            {
              "name": "39820",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39820"
            },
            {
              "name": "39806",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39806"
            },
            {
              "name": "39808",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39808"
            },
            {
              "name": "39826",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39826"
            },
            {
              "name": "39805",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39805"
            },
            {
              "name": "4785",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4785"
            },
            {
              "name": "teamcal-multiple-file-include(39212)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39212"
            },
            {
              "name": "39807",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39807"
            },
            {
              "name": "39815",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39815"
            },
            {
              "name": "39823",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39823"
            },
            {
              "name": "39822",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39822"
            },
            {
              "name": "39817",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39817"
            },
            {
              "name": "39825",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39825"
            },
            {
              "name": "39812",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39812"
            },
            {
              "name": "39818",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39818"
            },
            {
              "name": "39824",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39824"
            },
            {
              "name": "39819",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39819"
            },
            {
              "name": "27022",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27022"
            },
            {
              "name": "39810",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39810"
            },
            {
              "name": "39814",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39814"
            },
            {
              "name": "39816",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39816"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6553",
    "datePublished": "2007-12-28T00:00:00.000Z",
    "dateReserved": "2007-12-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:11:06.050Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2007-6553

CVE-2007-6553 (GCVE-0-2007-6553)

Tags

Sightings

Nomenclature