{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2260", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the bibtexrootrel parameter to (1) unavailable.php, (2) source.php, (3) log.php, (4) latex.php, (5) indexinfo.php, (6) index.php, (7) importinfo.php, (8) import.php, (9) examplefile.php, (10) clearinfo.php, (11) clear.php, (12) aboutinfo.php, (13) about.php, and other unspecified files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "35628", "refsource": "OSVDB", "url": "http://osvdb.org/35628" }, { "name": "35624", "refsource": "OSVDB", "url": "http://osvdb.org/35624" }, { "name": "35631", "refsource": "OSVDB", "url": "http://osvdb.org/35631" }, { "name": "35633", "refsource": "OSVDB", "url": "http://osvdb.org/35633" }, { "name": "35629", "refsource": "OSVDB", "url": "http://osvdb.org/35629" }, { "name": "35622", "refsource": "OSVDB", "url": "http://osvdb.org/35622" }, { "name": "35621", "refsource": "OSVDB", "url": "http://osvdb.org/35621" }, { "name": "20070422 bibtex mase Remote File Inclusion", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/466683/100/0/threaded" }, { "name": "35625", "refsource": "OSVDB", "url": "http://osvdb.org/35625" }, { "name": "35623", "refsource": "OSVDB", "url": "http://osvdb.org/35623" }, { "name": "35632", "refsource": "OSVDB", "url": "http://osvdb.org/35632" }, { "name": "2624", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2624" }, { "name": "35626", "refsource": "OSVDB", "url": "http://osvdb.org/35626" }, { "name": "35630", "refsource": "OSVDB", "url": "http://osvdb.org/35630" }, { "name": "35627", "refsource": "OSVDB", "url": "http://osvdb.org/35627" } ] } }